www.allsgpromo.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kfcdelivery.com.sg/
Effective URL:
https://www.allsgpromo.com/kfc-promo-menu-delivery/
Submission: On April 08 via automatic, source certstream-suspicious (April 8th 2022, 10:24:45 am UTC) — Scanned from DE

Summary HTTP 490 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 78 IPs in 13 countries across 76 domains to perform 490 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.allsgpromo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 11th 2021. Valid for: a year.

This is the only time www.allsgpromo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.213.176.211 35.213.176.211	15169 (GOOGLE) (GOOGLE)
121	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.77.9.191 52.77.9.191	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
1	143.204.98.73 143.204.98.73	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:215... 2600:9000:2156:7e00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.127.31.227 3.127.31.227	16509 (AMAZON-02) (AMAZON-02)
16	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	81.17.55.99 81.17.55.99	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	54.155.81.83 54.155.81.83	16509 (AMAZON-02) (AMAZON-02)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 12	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	143.204.98.52 143.204.98.52	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:203... 2600:9000:2038:7c00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
20	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	3.123.205.63 3.123.205.63	16509 (AMAZON-02) (AMAZON-02)
4 50	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
5	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
5	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:401... 2a00:1450:4017:80b::2003	15169 (GOOGLE) (GOOGLE)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
5 6	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5 39	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:215... 2600:9000:2156:8400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1 3	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 5	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:a::9	15169 (GOOGLE) (GOOGLE)
4 4	3.122.208.3 3.122.208.3	16509 (AMAZON-02) (AMAZON-02)
2 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
4 5	3.121.30.106 3.121.30.106	16509 (AMAZON-02) (AMAZON-02)
2 4	2a05:d018:d29... 2a05:d018:d29:3601:4405:fc16:ad1d:f00e	16509 (AMAZON-02) (AMAZON-02)
3 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
4 4	54.216.37.155 54.216.37.155	16509 (AMAZON-02) (AMAZON-02)
5 6	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4 4	3.126.87.72 3.126.87.72	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
5 5	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	52.29.167.104 52.29.167.104	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:8701:aae2:1118:ca9	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 2	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
1 2	54.206.226.14 54.206.226.14	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	34.246.234.200 34.246.234.200	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.88.75.186 23.88.75.186	24940 (HETZNER-AS) (HETZNER-AS)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2 2	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 6	69.192.160.245 69.192.160.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	69.192.160.199 69.192.160.199	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	193.232.150.43 193.232.150.43	48061 (UMA-TECH-AS) (UMA-TECH-AS)
490	78

1 35.213.176.211 (Singapore, Singapore) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.176.213.35.bc.googleusercontent.com

kfcdelivery.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

121 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.allsgpromo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.77.9.191 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-9-191.ap-southeast-1.compute.amazonaws.com

www.kfc.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-73.fra50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7e00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.31.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-31-227.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.155.81.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-81-83.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.33.220.244 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-52.fra50.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2038:7c00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.123.205.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 13.248.245.213 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

widgets.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4017:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 5 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.250.185.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8400:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
triplelift-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.184 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Rheinfelden, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.242 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:a::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hnekn7l.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.122.208.3 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-208-3.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.121.30.106 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-30-106.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3601:4405:fc16:ad1d:f00e (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (Leesburg, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.216.37.155 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-37-155.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.87.72 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-87-72.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.29.132.245 (United Kingdom) 5 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.167.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:8701:aae2:1118:ca9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.206.226.14 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-206-226-14.ap-southeast-2.compute.amazonaws.com

sasinator.realestate.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.10.30 (Poland) 2 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.234.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-234-200.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.186 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (United States) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (Utrecht, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.192.160.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-199.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.63 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.43 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
121	allsgpromo.com www.allsgpromo.com	2 MB
75	3lift.com 4 redirects ib.3lift.com — Cisco Umbrella Rank: 1160 tlx.3lift.com — Cisco Umbrella Rank: 569 eb2.3lift.com — Cisco Umbrella Rank: 400	471 KB
62	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 bid.g.doubleclick.net — Cisco Umbrella Rank: 500 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	313 KB
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	555 KB
21	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457 image6.pubmatic.com — Cisco Umbrella Rank: 622 ads.pubmatic.com — Cisco Umbrella Rank: 461 image2.pubmatic.com — Cisco Umbrella Rank: 898 simage2.pubmatic.com — Cisco Umbrella Rank: 620 image4.pubmatic.com — Cisco Umbrella Rank: 880 simage4.pubmatic.com — Cisco Umbrella Rank: 1174	31 KB
14	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 248 acdn.adnxs.com — Cisco Umbrella Rank: 597 secure.adnxs.com — Cisco Umbrella Rank: 438	24 KB
13	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com	246 KB
11	zemanta.com 1 redirects widgets.zemanta.com — Cisco Umbrella Rank: 9916 b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 23693 b1sync.zemanta.com — Cisco Umbrella Rank: 593	14 KB
9	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5091 buttons-config.sharethis.com — Cisco Umbrella Rank: 6017 l.sharethis.com — Cisco Umbrella Rank: 4704 count-server.sharethis.com — Cisco Umbrella Rank: 11694 platform-cdn.sharethis.com — Cisco Umbrella Rank: 12062	48 KB
7	everesttech.net 6 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 576 pixel.everesttech.net — Cisco Umbrella Rank: 3287	2 KB
6	quantserve.com 5 redirects cms.quantserve.com — Cisco Umbrella Rank: 1127 pixel.quantserve.com — Cisco Umbrella Rank: 423	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	217 KB
6	openx.net adasia-d.openx.net — Cisco Umbrella Rank: 43290 rtb.openx.net — Cisco Umbrella Rank: 1537 u.openx.net — Cisco Umbrella Rank: 709	1015 B
6	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1356	3 KB
5	mathtag.com 5 redirects sync.mathtag.com — Cisco Umbrella Rank: 445	3 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 300	5 KB
5	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 289	3 KB
5	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	2 KB
5	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 577	2 KB
5	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 262 gcdn.2mdn.net — Cisco Umbrella Rank: 1008 r4---sn-5hnekn7l.c.2mdn.net — Cisco Umbrella Rank: 428850	2 MB
5	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 4162	87 KB
5	casalemedia.com 1 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 463 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 556 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575 dsum.casalemedia.com — Cisco Umbrella Rank: 1317	5 KB
5	smaato.net 2 redirects prebid.ad.smaato.net — Cisco Umbrella Rank: 3329 s.ad.smaato.net — Cisco Umbrella Rank: 746	2 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 383 mug.criteo.com — Cisco Umbrella Rank: 2668 dis.criteo.com — Cisco Umbrella Rank: 706	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 imasdk.googleapis.com — Cisco Umbrella Rank: 417	126 KB
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 866	3 KB
4	bidr.io 4 redirects match.prod.bidr.io — Cisco Umbrella Rank: 503	2 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 884	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1548	2 KB
3	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 825	1 KB
3	dotomi.com 1 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2951 triplelift-match.dotomi.com — Cisco Umbrella Rank: 3548 casale-match.dotomi.com — Cisco Umbrella Rank: 3130	393 B
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	134 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	137 KB
3	kfc.com.sg www.kfc.com.sg	529 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10466	872 B
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1718 mwzeom.zeotap.com — Cisco Umbrella Rank: 1566	921 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5130	637 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 723	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 542	691 B
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 578	797 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 824 s.tribalfusion.com — Cisco Umbrella Rank: 2497	1 KB
2	creativecdn.com 2 redirects us.creativecdn.com — Cisco Umbrella Rank: 2699	761 B
2	realestate.com.au 1 redirects sasinator.realestate.com.au — Cisco Umbrella Rank: 3832	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 769	824 B
2	amazon-adsystem.com s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1212	713 B
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	382 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1879	24 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	314 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	46 KB
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2962	398 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1005	99 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1157	654 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 868	513 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 919	44 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 985	211 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 831	380 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 21283	523 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1591	297 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 550	759 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 234	594 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 482	706 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 3276	173 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	247 B
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 21111	133 KB
1	kfcdelivery.com.sg 1 redirects kfcdelivery.com.sg	262 B
0	storygize.net Failed www.storygize.net Failed
0	adentifi.com Failed rtb.adentifi.com Failed
0	getpublica.com Failed usersync.getpublica.com Failed
0	hgrtb.com Failed sync.hgrtb.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	netmng.com Failed google2waycm.netmng.com Failed
490	76

	Domain	Requested by
121	www.allsgpromo.com	www.allsgpromo.com
50	eb2.3lift.com	4 redirects 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com ib.3lift.com eb2.3lift.com
39	cm.g.doubleclick.net	5 redirects 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com eb2.3lift.com googleads.g.doubleclick.net ssum-sec.casalemedia.com
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com imasdk.googleapis.com www.allsgpromo.com googleads.g.doubleclick.net
20	ib.3lift.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com ib.3lift.com
20	pagead2.googlesyndication.com	www.allsgpromo.com securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	securepubads.g.doubleclick.net	www.allsgpromo.com securepubads.g.doubleclick.net 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
12	ib.adnxs.com	5 redirects anymind360.com eb2.3lift.com acdn.adnxs.com
10	fonts.gstatic.com	fonts.googleapis.com
9	www.google.com	1 redirects tpc.googlesyndication.com 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	simage2.pubmatic.com	ads.pubmatic.com
6	sync-tm.everesttech.net	5 redirects eb2.3lift.com
6	www.googletagservices.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.allsgpromo.com googleads.g.doubleclick.net
6	prg.smartadserver.com	anymind360.com
5	image2.pubmatic.com	ads.pubmatic.com
5	sync.mathtag.com	5 redirects
5	x.bidswitch.net	4 redirects eb2.3lift.com
5	match.adsrvr.org	2 redirects 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com eb2.3lift.com ssum-sec.casalemedia.com
5	c1.adform.net	3 redirects eb2.3lift.com ads.pubmatic.com
5	cms.quantserve.com	4 redirects 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
5	zem.outbrainimg.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com widgets.zemanta.com
5	b1t-eudc1.zemanta.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
5	widgets.zemanta.com	ib.3lift.com
5	tlx.3lift.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
5	platform-cdn.sharethis.com
4	rtb.mfadsrvr.com	4 redirects
4	match.prod.bidr.io	4 redirects
4	image6.pubmatic.com	3 redirects ads.pubmatic.com
4	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com ads.pubmatic.com
4	pm.w55c.net	4 redirects
4	rtb.openx.net	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	dsp.adfarm1.adition.com	3 redirects
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	pixel.rubiconproject.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	prebid.ad.smaato.net	anymind360.com
3	connect.facebook.net	www.allsgpromo.com connect.facebook.net
3	fonts.googleapis.com	www.allsgpromo.com 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
3	www.googletagmanager.com	www.allsgpromo.com www.googletagmanager.com
3	www.kfc.com.sg	www.allsgpromo.com
2	px.adhigh.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	js-sec.indexww.com	anymind360.com ssum-sec.casalemedia.com
2	sync.1rx.io	2 redirects
2	bh.contextweb.com	2 redirects
2	us.creativecdn.com	2 redirects
2	sasinator.realestate.com.au	1 redirects eb2.3lift.com
2	aax-eu.amazon-adsystem.com	1 redirects eb2.3lift.com
2	ad.turn.com	2 redirects
2	pixel-sync.sitescout.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com eb2.3lift.com
2	r4---sn-5hnekn7l.c.2mdn.net
2	s0.2mdn.net	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
2	s.ad.smaato.net	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
2	mug.criteo.com
2	script.4dex.io	anymind360.com script.4dex.io
2	gum.criteo.com	1 redirects
2	www.facebook.com
2	i.ytimg.com	www.allsgpromo.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.taboola.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ssum-sec.casalemedia.com	js-sec.indexww.com
1	acdn.adnxs.com	anymind360.com
1	u.openx.net	anymind360.com
1	ums.acuityplatform.com	1 redirects
1	sync.go.sonobi.com	eb2.3lift.com
1	match.deepintent.com	eb2.3lift.com
1	csync.loopme.me	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	bttrack.com	eb2.3lift.com
1	triplelift-match.dotomi.com	eb2.3lift.com
1	ads.travelaudience.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	gcdn.2mdn.net	1 redirects
1	dclk-match.dotomi.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
1	tr.blismedia.com	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	hbopenbid.pubmatic.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	anymind360.com	www.allsgpromo.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	www.allsgpromo.com
1	kfcdelivery.com.sg	1 redirects
0	www.storygize.net Failed	eb2.3lift.com
0	rtb.adentifi.com Failed	eb2.3lift.com
0	usersync.getpublica.com Failed	eb2.3lift.com
0	sync.hgrtb.com Failed	eb2.3lift.com
0	sync.srv.stackadapt.com Failed	eb2.3lift.com
0	sync.ipredictive.com Failed	eb2.3lift.com
0	s.amazon-adsystem.com Failed	eb2.3lift.com ssum-sec.casalemedia.com
0	google2waycm.netmng.com Failed	3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
490	119

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
twitter.com
api.whatsapp.com
telegram.me
www.kfc.com.sg
instagram.com
c.lazada.sg
www.guardian.com.sg
allsgpromo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-11` - `2022-11-10`	a year	crt.sh
*.kfc.com.sg Amazon	`2021-05-28` - `2022-06-26`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-15` - `2022-04-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
anymind360.com R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.zemanta.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.outbrainimg.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-29` - `2022-06-07`	2 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Frame ID: 4DD9235CB6D2D390A87FA0D852156DD2
Requests: 202 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3A7993076C66C278AD6372AD775541B0
Requests: 1 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 386CAA9AAC02113DD6C3CF27CDE39D95
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 56F755A81BC02ACC45BEF18EFCE99896
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8574EF01D4742DC8E0FD0CFB19B5B29
Requests: 2 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B86870087E214E1C9E930A3A51D43F69
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html
Frame ID: 1581156D7576F9693DE09EBD7FFCF70D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7357824870962864&output=html&adk=1812271804&adf=3025194257&lmt=1649388641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649413477283&bpp=3&bdt=4038&idt=224&shv=r20220406&mjsv=m202204040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64cda19ba189039-22e5d77872cd0074%3AT%3D1649413476%3AS%3DALNI_MYmGCoQW8WVXe_ViHbrnwFGa2z84A&nras=1&correlator=6292785507096&frm=20&pv=2&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065342%2C31066989%2C31060047&oid=2&pvsid=2274504248295943&pem=68&tmod=1443696229&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=238
Frame ID: 1D0DA6DE2D7308CDEDE6D80F935EEF0F
Requests: 1 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5B1DD40EE5F61ABCBD26EB6E51779A38
Requests: 19 HTTP requests in this frame

Frame: data://truncated
Frame ID: EFA121F865631A1D21AC77221DDD3849
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-728x90.js
Frame ID: E8FE7B82CBCD730DB4B6DDEB4E5A6D03
Requests: 3 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 943066230925B9E9E01F9D7B961E91BD
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F69299FDBDA9A8366B6BE0331D73DC93
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7D2DCA8DD5288CF4C68DC84908911976
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-336x280.js
Frame ID: DA155858D7871801786F2736005B98EA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64B8ED1FADDAC2103A3E8B53216B0D89
Requests: 9 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CFB5BB6241E70C3E75984410D11665D1
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C70F72DEB9BDAAEABC9E988D17677E63
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Frame ID: 740108BBF37E0E1EF44ABB4115748453
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: A78CF68305108D2A4A8B8FE4FB1D5C64
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-336x280.js
Frame ID: 61139EB1B3833CD688DB8A44A75A4EE4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/index.html
Frame ID: 38C357B65DC82470B85041CB848AA0BC
Requests: 8 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48799F48A61891BEC5421EA859339690
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A97472981B78C7D4FA70DF3DBFCD6C22
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=34523
Frame ID: 7F83C84CFEB9123F636AFD91E43CEE69
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=11926
Frame ID: 6AB09FF1DC4F128AA08CF68BD7136555
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=10115
Frame ID: 7B6FBF367C14016FB4C777AA4ACEFCE6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CC200F56F13DD45814FD9F0F1A7B5E87
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7DB011226212EEDD0A6F8AF2F9D82B92
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9274E206927A9A64FB787D3EFFB7DD9D
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: B37DFB1A7136DB77A21019B36BB0503B
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-300x250.js
Frame ID: D8A5FE142EA8182B43035409A639F0A0
Requests: 3 HTTP requests in this frame

Frame: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5470D976D471B14ADA4AECB444439190
Requests: 17 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=42135
Frame ID: 49D9A47BD12344546D80F89778DA6E70
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDE427FBBE755DAF17A49338A27F1297
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: D39FFC844D096497D9374495C45821A5
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1646288090/widget-336x280.js
Frame ID: 9BC6AC97CC9D8E0E35C8B43F20ABE0DB
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=62132
Frame ID: 3A8B19F0D6CB6680D6930685B0850D30
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 06F36971B7855929123DEBB5DE89FD09
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3F4A768097C4F7D685F5439D262450B4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9807B90C8B00B27464329C6216AD9D13
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 78C327E21581E58AAD7BA52DED37D09B
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C7E898D05B772E5DF2FCD682A1308F98
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B1141A52-9440-4D0D-8302-A5253DDF5731
Frame ID: 18625488BF0A26601A5D8C5EE0A037E7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2752972302389155323
Frame ID: 2BF8962A78154309F9AC746FB2F2C1F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f806250-0d66-4400-93ec-4559660112c1&gdpr=0&gdpr_consent=
Frame ID: 6A53E2F2CB0B62B0C2ED6DE192C15B65
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2FE177D97E9B367C4893B099943B1440
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084176945600657557
Frame ID: 0EC18442CAC4A587CA234EBE58E02FA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlANZgAG4zwtmQA-&gdpr=0&gdpr_consent=
Frame ID: BFAF1E2FE27C7E0538D35485046AE3A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KFC Promotion: Zinger Box for only $7.95 (U.P $17.85) from 6 to 19 April - AllSGPromo

Page URL History Show full URLs

https://kfcdelivery.com.sg/ HTTP 301
https://www.allsgpromo.com/kfc-promo-menu-delivery/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

jQuery Mobile (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]mobile(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

490
Requests

83 %
HTTPS

37 %
IPv6

76
Domains

119
Subdomains

78
IPs

13
Countries

7136 kB
Transfer

14304 kB
Size

90
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Allsgpromo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/allsgpromo/

Search URL Search Domain Scan URL

URL: https://t.me/allsgpromo

Search URL Search Domain Scan URL

URL: https://twitter.com/allsgpromo

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=KFC+Promotion%3A+Zinger+Box+for+only+%247.95+%28U.P+%2417.85%29+from+6+to+19+April+%C2%A0%20%0A%0A%20https://www.allsgpromo.com/kfc-promo-menu-delivery/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://www.allsgpromo.com/kfc-promo-menu-delivery/&text=KFC+Promotion%3A+Zinger+Box+for+only+%247.95+%28U.P+%2417.85%29+from+6+to+19+April+%C2%A0
Title: Telegram

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=KFC+Promotion%3A+Zinger+Box+for+only+%247.95+%28U.P+%2417.85%29+from+6+to+19+April+%C2%A0&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&via=allsgpromo
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.kfc.com.sg/
Title: ongoing KFC Promotions and KFC Promo Code

Search URL Search Domain Scan URL

URL: https://www.kfc.com.sg/Coupon/Promotion
Title: KFC website

Search URL Search Domain Scan URL

URL: https://www.kfc.com.sg/
Title: www.kfc.com.sg

Search URL Search Domain Scan URL

URL: https://www.kfc.com.sg/spinnwin
Title: here

Search URL Search Domain Scan URL

URL: https://instagram.com/allsgpromo
Title: Instagram

Search URL Search Domain Scan URL

URL: https://c.lazada.sg/t/c.bIAz1H
Title: KFC on Lazada

Search URL Search Domain Scan URL

URL: https://www.instagram.com/allsgpromo
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.guardian.com.sg/garnier-skin-naturals-micellar-cleansing-water-for-sensitive-skin-400ml/p/176968?utm_source=social&utm_medium=facebook&utm_campaign=dailydeal_24jul&utm_content=link&fbclid=IwAR3O8uACRTXkKdlqU1RdrA8KeHXDib1GJx_YcyDcpyYNlHAnO_qm7nDUIbo
Title: National Day promotion

Search URL Search Domain Scan URL

URL: http://allsgpromo.com/
Title: AllSGPromo.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Allsgpromo/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.facebook.com/allsgpromo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kfcdelivery.com.sg/ HTTP 301
https://www.allsgpromo.com/kfc-promo-menu-delivery/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.allsgpromo.com%2F&domain=www.allsgpromo.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=BPTUXnw0Nlc4ZUxYRUxzQ3JoankvY0JYTDhVQWdkdzJwWllyQU1WNU9EVGo2QUdKNlFISUZRMTU0S3R0bHVxYTd1bkdXdmVzdUxYNE1ZS2NTTU94eTJyeUtrQS9JYVdsK1BicTE1a3pScVR4RlVZaUlVSjBEemF3QUpNb2t5Umt6SllqSW5OZWhhQk1ERFFNUXNPbWlnL0VCaWR0eXUxYjk0UUhXdFR1MTc0R3M5L3FrS200ZlF0NE9hZW1MaEo5ZG5JNkZNTDR6Y3VhSEVNTTRXS2orSk1oRlFNYk5Cd1lsTUNIZVU1b0FLMElSQW9rPXw&cppv=2

Request Chain 236

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC_nIirBDpBLvQFLTZb0_5I&google_cver=1&google_push=AYg5qPLVwyhfL4SDB9sPSniUmSn1xAVevnxQcup-rdzF2JhPYJwAQBzx_U9tKv9gSSgYjouE5h_iI8nXfVKr2rMBMl1jniq7TZo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1M1gtQi1FTDhD&google_push=AYg5qPLVwyhfL4SDB9sPSniUmSn1xAVevnxQcup-rdzF2JhPYJwAQBzx_U9tKv9gSSgYjouE5h_iI8nXfVKr2rMBMl1jniq7TZo

Request Chain 237

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_cver=1&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1

Request Chain 238

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO_iHlKtGp0Dy-wehAU4liI&google_cver=1&google_push=AYg5qPI4P-4CqRwR8SfJZa0BIN-ptKsgq4PIdxt0KdRCWpeehlvy1gdRJ9wSOJxv17ftruDuwrDdY3CftoIHFUKDM2JuX0T85Oc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI4P-4CqRwR8SfJZa0BIN-ptKsgq4PIdxt0KdRCWpeehlvy1gdRJ9wSOJxv17ftruDuwrDdY3CftoIHFUKDM2JuX0T85Oc

Request Chain 239

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELMEx82ExejMlWtFpexdNeA&google_cver=1&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY&google_gid=CAESELMEx82ExejMlWtFpexdNeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY

Request Chain 246

https://um.simpli.fi/gp_match?google_gid=CAESEMNhNGqrRjstXWbEeQeD_WA&google_cver=1&google_push=AYg5qPJ2tGYcFSQKsVpUZEMLGt0kOkYLzQYrakEHvwtLyevz0E_sHxvLNjR_8E4hPV-A5QKHXYLfAvGG-RO_9vLMnhPi96p3_SI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3BBD50E7BAA4CC084B3C22342CD6624&google_push=AYg5qPJ2tGYcFSQKsVpUZEMLGt0kOkYLzQYrakEHvwtLyevz0E_sHxvLNjR_8E4hPV-A5QKHXYLfAvGG-RO_9vLMnhPi96p3_SI

Request Chain 247

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBXAjOowozRcontBwMz0I28&google_cver=1&google_push=AYg5qPLKaRyYdPJhmMjUzp0FFz3Bcj2V1fGdN2Au4OkumWZucaLKvsP-4MXLCbrpz-cGbxwdovF0eY1d3OqVZph-KQ5Igqm3hT8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPLKaRyYdPJhmMjUzp0FFz3Bcj2V1fGdN2Au4OkumWZucaLKvsP-4MXLCbrpz-cGbxwdovF0eY1d3OqVZph-KQ5Igqm3hT8

Request Chain 248

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENVs0I7vPIiqNEnKi0qFQRI&google_cver=1&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uuBZUFrI2nTN2hC0u9M5TWI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENVs0I7vPIiqNEnKi0qFQRI&google_cver=1&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uuBZUFrI2nTN2hC0u9M5TWI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA5OTQzOTEwMTIwMjM5OQ&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uuBZUFrI2nTN2hC0u9M5TWI

Request Chain 250

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFJVab4a3qchvV4AWzz44fc&google_cver=1&google_push=AYg5qPIPM28LdNpB-Ax2baAjOX0IAiQiADGOarTSt2j8-PtPuwbJ1shccSsr--2WHMRaNvEgxxPEpT985-e8Fd0axtVRznv5j4I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIPM28LdNpB-Ax2baAjOX0IAiQiADGOarTSt2j8-PtPuwbJ1shccSsr--2WHMRaNvEgxxPEpT985-e8Fd0axtVRznv5j4I

Request Chain 267

https://gcdn.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/70EA075BA17F4D2695C9660B9B29DE1197D6274D.953499F2C3DED5589437544F9C206C0A5124F7B9/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-5hnekn7l.c.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/058EE23D487A20F6C448E9830D8E5B4DE29FE48C.29873639555CA284B5BAB562926A5DE1B6912048/key/cms1/cms_redirect/yes/mh/4-/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1649412765/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 278

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cver=1&google_push=AYg5qPJT8PAwrzqF3slVv-7dHjt9ZPo8FbAH8RI-ufQR_BdCfQotq2J8liCc76zN9FLrM_WCQ6lCz6QqxKYrpoBWvVDgb5oeuY_N HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cver=1&google_push=AYg5qPJT8PAwrzqF3slVv-7dHjt9ZPo8FbAH8RI-ufQR_BdCfQotq2J8liCc76zN9FLrM_WCQ6lCz6QqxKYrpoBWvVDgb5oeuY_N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cver=1&google_push=AYg5qPJT8PAwrzqF3slVv-7dHjt9ZPo8FbAH8RI-ufQR_BdCfQotq2J8liCc76zN9FLrM_WCQ6lCz6QqxKYrpoBWvVDgb5oeuY_N

Request Chain 281

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENEzqmlbunw9ZDk4TTNqtCU&google_cver=1&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENEzqmlbunw9ZDk4TTNqtCU&google_cver=1&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F&google_hm=OTPznqIHR82khPM6ZhvGlw==

Request Chain 282

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRTPmY3a9mkFeNYLxzDqZI&google_cver=1&google_push=AYg5qPL3siCaE8R8qjO12xhm_SucS-vZ_LondNy59FNVenmrE10v7cntJu7ioAEJiKHmJi2xofz8BSMFc_X4LE3aRtAEc4fpXNas HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3siCaE8R8qjO12xhm_SucS-vZ_LondNy59FNVenmrE10v7cntJu7ioAEJiKHmJi2xofz8BSMFc_X4LE3aRtAEc4fpXNas&google_hm=NTQwMjk0MDUyNzg4MDQxNTgyNw%3D%3D

Request Chain 283

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPHp0-sLC2E2uBM8A6Fv9EE&google_cver=1&google_push=AYg5qPK4t3PUDfVE0kbUXLIAO8ROfzThcfb18mD4z9bf2i4z4MC-0UgQWfCbsUO642gWHmrvT5hCyhcAw5vPch3J0QcVmY3BA1hd HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPHp0-sLC2E2uBM8A6Fv9EE&google_cver=1&google_push=AYg5qPK4t3PUDfVE0kbUXLIAO8ROfzThcfb18mD4z9bf2i4z4MC-0UgQWfCbsUO642gWHmrvT5hCyhcAw5vPch3J0QcVmY3BA1hd&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK4t3PUDfVE0kbUXLIAO8ROfzThcfb18mD4z9bf2i4z4MC-0UgQWfCbsUO642gWHmrvT5hCyhcAw5vPch3J0QcVmY3BA1hd

Request Chain 314

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D

Request Chain 316

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D

Request Chain 318

https://pr-bh.ybp.yahoo.com/sync/triplelift/4219474492435069871781?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BXMjl6RE2oT5GZ.nk0g3LaVNXwjtee88Y4q_uZw0Lg--~A&dongle=0883

Request Chain 322

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 325

https://match.prod.bidr.io/cookie-sync/trl HTTP 303
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
https://eb2.3lift.com/xuid?mid=7255&xuid=AABpgE7EoBsAADWG_-LNRg&dongle=bzwx

Request Chain 328

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YlANZgAG4E4tigA-

Request Chain 329

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 330

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac

Request Chain 331

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=2313027768381429768&dongle=d407

Request Chain 332

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3690&xuid=2f806250-0d66-4400-93ec-4559660112c1&dongle=3995&gdpr=1&gdpr_consent=

Request Chain 336

https://match.prod.bidr.io/cookie-sync/trl HTTP 303
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
https://eb2.3lift.com/xuid?mid=7255&xuid=AADqek7EoBsAADYlyn1lSg&dongle=bzwx

Request Chain 339

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YlANZgAG4zwtmQA- HTTP 302
https://eb2.3lift.com/xuid?mid=3657&xuid=YlANZgAG4zwtmQA-&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YlANZgAG4zwtmQA-

Request Chain 340

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 341

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac

Request Chain 342

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=2817430926646925320&dongle=d407

Request Chain 343

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3690&xuid=d08a6250-0d66-4500-8972-770b1a81856d&dongle=3995&gdpr=1&gdpr_consent=

Request Chain 356

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGoFPAW7ZGk8EHK-3N5EGXw&google_cver=1&google_push=AYg5qPLcpq1RbJnoTkGZVX472CQgjFR_y1vyfFW16JsSL1bBmPC0UXlcDGPPmH6lkZbHMFOnPzw59fXJ9m7OFyQXMDrypQhKA0gn HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLcpq1RbJnoTkGZVX472CQgjFR_y1vyfFW16JsSL1bBmPC0UXlcDGPPmH6lkZbHMFOnPzw59fXJ9m7OFyQXMDrypQhKA0gn&google_hm=a3YW6EnBXYw53zAWaQjAKQ

Request Chain 357

https://d.agkn.com/pixel/2175/?google_gid=CAESEKnae_5O-igdd9AZMCFFKDw&google_cver=1&google_push=AYg5qPLnZitubzoSHe3xWwp9wtezBhm3ZmfPI_6TBMD9Y-pGszmx0n-_1rFbhS76dGfva4SpScvgeP207b0iQYt5RC2TuG6xIYsT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLnZitubzoSHe3xWwp9wtezBhm3ZmfPI_6TBMD9Y-pGszmx0n-_1rFbhS76dGfva4SpScvgeP207b0iQYt5RC2TuG6xIYsT&google_hm=Q0FFU0VLbmFlXzVPLWlnZGQ5QVpNQ0ZGS0R3

Request Chain 359

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECFy_nMuQvjR-sGEdJeaDOk&google_cver=1&google_push=AYg5qPJB7n6HTONQD31XOiJxRyvp7SK_IE5RYgqH7pgA84NF5jL_dufDAWpuo0ZcZ9HpI9A6P3oc8T0hReTLGPzCdCWd5BJ96S8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJB7n6HTONQD31XOiJxRyvp7SK_IE5RYgqH7pgA84NF5jL_dufDAWpuo0ZcZ9HpI9A6P3oc8T0hReTLGPzCdCWd5BJ96S8

Request Chain 360

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENINiuKjmzarxWvxXknDHXg&google_cver=1&google_push=AYg5qPJsTuAVnpSVqrDJNEdeFlxDhMnSroxpY3TaqyIYpQr69TzLU1w_3kRsXd2sp8DtOwkWZI4iXO0cV6mhtOwCLS5c7hrq0N52 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1SFMtVi1JTUhS&google_push=AYg5qPJsTuAVnpSVqrDJNEdeFlxDhMnSroxpY3TaqyIYpQr69TzLU1w_3kRsXd2sp8DtOwkWZI4iXO0cV6mhtOwCLS5c7hrq0N52

Request Chain 361

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_cver=1&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1

Request Chain 364

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 377

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIIX7ubkCPTEVTI58fxUe_o&google_cver=1&google_push=AYg5qPKGzoW6Q4C_POBj3js1Rl9HN1NZkCAZ8uKfD8B8mxUO2KmWJTiupR8eDK0i5QAE9p6EEv2GNZsBLeCqAPrP2B1rssIq6QVR HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKGzoW6Q4C_POBj3js1Rl9HN1NZkCAZ8uKfD8B8mxUO2KmWJTiupR8eDK0i5QAE9p6EEv2GNZsBLeCqAPrP2B1rssIq6QVR&google_hm=a3YW6EnBXYw53zAWaQjAKQ

Request Chain 378

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFheF4ptU3TA9yz4L0Mnj7E&google_cver=1&google_push=AYg5qPLIm2hZQmOdIg3B5Gc5fMwTBYgtbKxtKUjGJ8tO1PTAvz2iYL526CRLiRm_KSKnY-_SICQxZzAMo9ju5jbVfnfo26ty1TBT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEFheF4ptU3TA9yz4L0Mnj7E&google_cver=1&google_push=AYg5qPLIm2hZQmOdIg3B5Gc5fMwTBYgtbKxtKUjGJ8tO1PTAvz2iYL526CRLiRm_KSKnY-_SICQxZzAMo9ju5jbVfnfo26ty1TBT

Request Chain 379

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAH5QXaIFjNcIdtfO2qkwvM&google_cver=1&google_push=AYg5qPIVwks2vSj1xupXipRU_H0lp5ywknarEqbJq6xjbTHR7XwKlQasp0OwdaU5eOayxIX_wI2Lb87L2TKIVtQhbtP79VsFpvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPIVwks2vSj1xupXipRU_H0lp5ywknarEqbJq6xjbTHR7XwKlQasp0OwdaU5eOayxIX_wI2Lb87L2TKIVtQhbtP79VsFpvI

Request Chain 380

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHV2MhuxgoRY8hCYx108Enc&google_cver=1&google_push=AYg5qPLQZCyCXl4RIF0YyJ-l5uZ-8T-X_tmFH_oru5GV7BFs9bacCEww1p4JbSukLy1EA9mZC6_sc-tdEcUK4N4IiHSwHvYrySLn HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E6Juy2i2RTmojXDbNZIq3Q2&google_push=AYg5qPLQZCyCXl4RIF0YyJ-l5uZ-8T-X_tmFH_oru5GV7BFs9bacCEww1p4JbSukLy1EA9mZC6_sc-tdEcUK4N4IiHSwHvYrySLn

Request Chain 382

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHBzw80qBBdT5Gi_O-o4t28&google_cver=1&google_push=AYg5qPIBguHCqDhZUW-UYPfHE23CZvM9CbSSnkp8-qDspas3QDvXPsI4DSornSHDWalpeZH_asr542Yyh6x95hKzMxqCEBLJAneP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1TEstQi1DTUlX&google_push=AYg5qPIBguHCqDhZUW-UYPfHE23CZvM9CbSSnkp8-qDspas3QDvXPsI4DSornSHDWalpeZH_asr542Yyh6x95hKzMxqCEBLJAneP

Request Chain 383

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_cver=1&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1

Request Chain 401

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VPYcSlKgH0xP8BBIVqYEGFD1HUJPpxtMUPyiTnmx

Request Chain 402

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4219474492435069871781 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4219474492435069871781&dcc=t

Request Chain 403

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=4219474492435069871781 HTTP 302
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4219474492435069871781

Request Chain 405

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=6019&xuid=odET4GZ41NCLNc5&dongle=465e&gdpr=1&gdpr_consent=

Request Chain 406

https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://eb2.3lift.com/xuid?mid=6547&xuid=EBpP5WFsaY1LqQ1Tyhpy&dongle=45fg&pi=triplelift&gdpr=1&gdpr_consent=&tc=1

Request Chain 423

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELO80mtHlogHPhejN9glO6k&google_cver=1&google_push=AYg5qPLoTd-sQalz4O-_SioS9v2JqA9Wh9v_AZNd-wbV1dVJPsigtE5ODTRj8t31YnBrUem_pkfe2xEWixPNJRMyZz_r_1t2NrLl HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLoTd-sQalz4O-_SioS9v2JqA9Wh9v_AZNd-wbV1dVJPsigtE5ODTRj8t31YnBrUem_pkfe2xEWixPNJRMyZz_r_1t2NrLl&google_hm=a3YW6EnBXYw53zAWaQjAKQ

Request Chain 424

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIsB9nfKFBUqE6GYDpYDdE3xU2zL-dY9s7cUj2v0igV4NUwLdA98kN0ixLnLVGh4FFHoAF4Kbpqs2Q6L_i0UYi2O522bSw2&google_gid=CAESEG0Cyw8X-KXVQ9bStll-5Q4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxBTlpnQUc0end0bVFBLQ&google_push=AYg5qPIsB9nfKFBUqE6GYDpYDdE3xU2zL-dY9s7cUj2v0igV4NUwLdA98kN0ixLnLVGh4FFHoAF4Kbpqs2Q6L_i0UYi2O522bSw2

Request Chain 425

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECoxFDM1adRTsuO2JDNebSc&google_cver=1&google_push=AYg5qPJX3ahOPUu9hjO8LUkN6iL0xmgWBehzXrr4V00eli00in5hfhcPSf90JOCP50lh8UUtNEJx-hUI4x5CrCPrkCp8_9p2yfEn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L4BiUA1mRACT7EVZZgESwQ&google_push=AYg5qPJX3ahOPUu9hjO8LUkN6iL0xmgWBehzXrr4V00eli00in5hfhcPSf90JOCP50lh8UUtNEJx-hUI4x5CrCPrkCp8_9p2yfEn

Request Chain 426

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMjgKTHvBBDz9MpTqMjrxNc&google_cver=1&google_push=AYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMjgKTHvBBDz9MpTqMjrxNc&google_cver=1&google_push=AYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 427

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEevLM5_1bLEyuN-awRisoI&google_cver=1&google_push=AYg5qPLkFB2iG6XqokPOiL6Lp_MTEJI8D-6nu6xsWbXM0YR6HfAn5ykOe95jHpNbaGsVx9cvT21ksQHvsWwoDdoEsRX3onvF-EVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWxBTlpnQUc0end0bVFBLQ==&google_gid=CAESEEevLM5_1bLEyuN-awRisoI&google_cver=1&google_push=AYg5qPLkFB2iG6XqokPOiL6Lp_MTEJI8D-6nu6xsWbXM0YR6HfAn5ykOe95jHpNbaGsVx9cvT21ksQHvsWwoDdoEsRX3onvF-EVg

Request Chain 429

https://onetag-sys.com/sync/i,19/?google_gid=CAESEKpm5K3BvUOgBALYG_LVB7A&google_cver=1&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD

Request Chain 435

https://csync.loopme.me/?redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=1%26gdpr_consent= HTTP 307
https://eb2.3lift.com/xuid?mid=6126&xuid=86894863-ee3b-4fcb-af53-dfe227f80e40&dongle=9e4f&gdpr

Request Chain 439

https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=1%26gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3DQwQpdwph96ba%26dongle%3D8bee%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=2636&xuid=QwQpdwph96ba&dongle=8bee&gdpr=1&gdpr_consent=

Request Chain 442

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=C3BBD50E7BAA4CC084B3C22342CD6624&dongle=yf3

Request Chain 443

https://ums.acuityplatform.com/tum?umid=23&uid=4219474492435069871781&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3391&xuid=661867446894&dongle=6f30

Request Chain 444

https://sync.1rx.io/usersync2/triplelift HTTP 302
https://sync.1rx.io/usersync2/triplelift?zcc=1&cb=1649413479979 HTTP 302
https://eb2.3lift.com/xuid?mid=4070&xuid=OPTOUT&dongle=2dcc

Request Chain 477

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlANZtc5ecG1qqRyJTqAGwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHx9toTi79lDR0eXmZoDuAQ&google_cver=1&gdpr=1

Request Chain 478

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649499879&gdpr=1

Request Chain 484

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2752972302389155323

Request Chain 485

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f806250-0d66-4400-93ec-4559660112c1&gdpr=0&gdpr_consent=

Request Chain 487

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084176945600657557

Request Chain 488

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlANZgAG4zwtmQA-&gdpr=0&gdpr_consent=

Request Chain 489

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 490

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2f806250-0d66-4400-93ec-4559660112c1

Request Chain 491

https://pixel.onaudience.com/?partner=214&mapped=B1141A52-9440-4D0D-8302-A5253DDF5731 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=05ab061a5d6b969b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e73d1edd-ef90-45d0-5ae4-764d8167d07b&reqId=6a34747e-f886-4d36-6ee1-384647c16cee&zcluid=05ab061a5d6b969b&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESELheIIb5PqtuscadEYGs60I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e73d1edd-ef90-45d0-5ae4-764d8167d07b&reqId=6a34747e-f886-4d36-6ee1-384647c16cee&zcluid=05ab061a5d6b969b&zdid=1332

Request Chain 492

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjExNDFBNTItOTQ0MC00RDBELTgzMDItQTUyNTNEREY1NzMx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 493

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdU2iAezYSf0yYC2BHzleU&google_cver=1

Request Chain 495

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1566099439101202399

Request Chain 496

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83a2d2c7-4b8b-40d5-801c-1e95dd3105ce

Request Chain 497

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8967287953539117079&gdpr=0&gdpr_consent=

Request Chain 498

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi

Request Chain 500

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B1141A52-9440-4D0D-8302-A5253DDF5731&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1U1wFe9E2uUfjCs_Unp.RnNS5xk2YPY-~A&gdpr=0&gdpr_consent=

Request Chain 501

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://px.adhigh.net/p/cm/bsw?u=3933f39e-a207-47cd-a484-f33a661bc697&bidswitch_ssp_id=pubmatic HTTP 302
https://px.adhigh.net/p/cm/bsw?u=3933f39e-a207-47cd-a484-f33a661bc697&bidswitch_ssp_id=pubmatic&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=6W86yAEpDHh.AikABlGACLReEQ&expires=30&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3933f39e-a207-47cd-a484-f33a661bc697&gdpr=&gdpr_consent=&gdpr_pd=

490 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.allsgpromo.com/kfc-promo-menu-delivery/
Redirect Chain

https://kfcdelivery.com.sg/
https://www.allsgpromo.com/kfc-promo-menu-delivery/

525 KB
88 KB

1061ms
859ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 740ea8dbc2d30e8c268b9728a6e4dbe9a8f6283da8e129f8decc28a2cb707341

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 6f8a4b3a6ed79c12-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 10:24:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 08 Apr 2022 10:24:32 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
last-modified: Fri, 08 Apr 2022 03:30:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj7xJaWXN1rwvLqe%2BqPH9UNOGeL2CD3Pn%2FatRoM12gfHLQwOgBcsnHGumZIeDp%2B7kWU6mHM88MSe2oqx9bEVrXKa%2FZhY0lrOCT%2BrsrV8%2BnNNhEHzASSmfJ6bVdlz9R4JfxGLN92JfwsVskaoqTkhasw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-httpd: 1
x-proxy-cache: MISS
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_ALREADY_EXPIRED

Redirect headers

cache-control: max-age=0
content-length: 259
content-type: text/html; charset=iso-8859-1
date: Fri, 08 Apr 2022 10:24:32 GMT
expires: Fri, 08 Apr 2022 10:24:32 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
location: https://www.allsgpromo.com/kfc-promo-menu-delivery/
server: nginx
x-proxy-cache: MISS
x-proxy-cache-info: d301 NC:000000 UP:SKIP_CACHE_MAX_AGE_ZERO

GET
H2 200 6faad0fd24dcccd73c21fd9d22f8fe5b.css
www.allsgpromo.com/wp-content/cache/min/1/ 1 MB
194 KB 47ms
47ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/6faad0fd24dcccd73c21fd9d22f8fe5b.css
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2220d9b068b7b80b7f4be1e1f9c6fd70792ab4f3ee0df6034cafe7071f0c263e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95061
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BXtFvSORfcY4QWWaB8e0tOt3I5ySSUeYjHgAsIfWGHkCBHKZFph02riz4GZtJe18fuwmt3uIpwGpTlcO9RullKU%2BdDpArNObAPk%2BlQfaaQh6Kf7sdaE4ywIu%2F47rVo80QqxVVOcs%2Bb49GPlpzkYKpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4019f79c12-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 08:00:12 GMT

GET
H3 200 newspaper.woff
www.allsgpromo.com/wp-content/themes/Newspaper/images/icons/ 28 KB
29 KB 24ms
23ms Font
font/woff 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1593812
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28732
last-modified: Mon, 14 Mar 2022 05:17:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DANFusIKc2lLnyUk67Rw8gaC3MX1PnIb8qvjhaQaYlapzdkoendIgGkJtgruHME%2FEYybyyUJsEKqLf32rafPw%2BOfG4nHiiNg7zUVAG%2FE0IEd25FXcA9AhgS%2BviocEiMBkJHDa6h37OCtmtamIkd5Oww%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
x-httpd: 1
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f8a4b410fa191ff-FRA
x-proxy-cache: MISS
expires: Mon, 18 Jul 2022 23:41:01 GMT

GET
H3 200 headerlogo2.png
www.allsgpromo.com/wp-content/uploads/ 9 KB
9 KB 719ms
718ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/headerlogo2.png
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c445fe3ef86a23e2c2c3b7843dd782b26bc7e98f8dc72ba18f1c24611cc743b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8860
last-modified: Mon, 01 Mar 2021 06:18:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHq4%2FpDjWxReiaTKOH2cHims0aqZkSe5Tp51waL5d63CVgOKVFqOQeSqYfCBo%2BVnkn60rNu0%2BE187%2BUgxk5HIAuwgiYxu9kZeYuv1R0TLXvhwlI%2FSDbj%2F0%2FTjhoYsHK%2FeWAR1O%2BXz95xY9VZX2ZvqyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b414fdc91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 headerlogo4.png
www.allsgpromo.com/wp-content/uploads/ 8 KB
9 KB 733ms
732ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/headerlogo4.png
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fd84359cf364d24241132c68c1129ccee8214f2352c916e5f8fab6bbd7795bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8019
last-modified: Mon, 01 Mar 2021 16:45:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrnOtVjJBDD4Sz4nAVs2h9xfPsVQrGLyjaAJTBTrY8ikXglE97DZc8SolIfRAS4MGtjQXTrGN7TqwI3NCxXO3NLpefYQHt9zfMKu%2F%2BPI%2FvKjo1wHSU0o0297Ea7aag%2BC%2B%2BEzkZVfhB34ziHZwBBXOdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b414fde91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 kfc5april-696x696.jpg
www.allsgpromo.com/wp-content/uploads/ 101 KB
102 KB 1150ms
1150ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/kfc5april-696x696.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3aa51c451dbade6e3969f96817616aeb5642327b44a1b779d60b7fec4e2aa0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103886
last-modified: Tue, 05 Apr 2022 12:52:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRFgQvL93bgH3M%2BzxescDFa1X%2FG6RRKTYFzQ91C9eSPctyKCAU57IZFVvFZGbYiOgEzTdq6YVvuoDKd2bPI%2BsozH9PNoRm51XbQPYwH%2FX4XdJ%2Fno7HhtSTOGLmDE8pflSG9gNomqDJT4G%2FyctpPVptk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b41781b91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 KFC-Spore-Zinger-2-5-Apr-2022-1.jpg
www.allsgpromo.com/wp-content/uploads/ 67 KB
67 KB 1034ms
1034ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/KFC-Spore-Zinger-2-5-Apr-2022-1.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 902e46e0abe58f5a9fec9f42c37b4426a907361062125af3e82a54ada10607df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68173
last-modified: Tue, 05 Apr 2022 13:04:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfDwqw5U1RLdjGex4lLbuS8Vc7utCU%2BqdUJhnHPN4JXcjUCBrz0PsFHLGxJkLry14Pmjb2mgjlHm7WV1d1DhunVFPCQ2UOKPS%2BmR9FQHngj87oHV2IHxiF3eam0hpS5bUlTxgm9cKJYYENMcdBparpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b41781e91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H2 200 2_Hash_Brown_and_1_Coffee.png
www.kfc.com.sg/Content/OnlineOrderingStaticPages/images/ 156 KB
157 KB 1453ms
649ms Image
image/png 52.77.9.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kfc.com.sg/Content/OnlineOrderingStaticPages/images/2_Hash_Brown_and_1_Coffee.png

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.9.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-9-191.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

15f5cf87217c09015273a80344bb19564689373d94af3e4e83700710420a5d84

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
last-modified: Thu, 10 Mar 2022 21:40:51 GMT
server: Microsoft-IIS/8.5
etag: "f7243083c734d81:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 159853

GET
H2 200 4_Hash_Brown_and_2_Coffees.png
www.kfc.com.sg/Content/OnlineOrderingStaticPages/images/ 178 KB
178 KB 1128ms
325ms Image
image/png 52.77.9.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kfc.com.sg/Content/OnlineOrderingStaticPages/images/4_Hash_Brown_and_2_Coffees.png

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.9.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-9-191.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

1130932ff6d124e7c198d0d38828babe0acc71dc581fc7eb8ac6928e0a98e833

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
last-modified: Thu, 10 Mar 2022 21:41:24 GMT
server: Microsoft-IIS/8.5
etag: "6b42e296c734d81:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 181773

GET
H2 200 2_Coffees_at_just_$11.95.png
www.kfc.com.sg/Content/OnlineOrderingStaticPages/images/ 193 KB
194 KB 1452ms
649ms Image
image/png 52.77.9.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kfc.com.sg/Content/OnlineOrderingStaticPages/images/2_Coffees_at_just_$11.95.png

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.9.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-9-191.ap-southeast-1.compute.amazonaws.com

Software

Microsoft-IIS/8.5 /

Resource Hash

12c3578c27da2c762273ea03ff88dcf3c87b6203a543273a72e99a43dfb33b79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
last-modified: Thu, 10 Mar 2022 21:42:21 GMT
server: Microsoft-IIS/8.5
etag: "2f8dab9c734d81:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 197394

GET
H3 200 7_kfc-promo-menu-delivery.jpg
www.allsgpromo.com/wp-content/uploads/ 327 KB
327 KB 1131ms
1130ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/7_kfc-promo-menu-delivery.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0e5db0b9fa7b6efeb6150a93b3392913452a0ce99faf8ad5c781d5778626dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 334551
last-modified: Mon, 21 Feb 2022 17:13:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enhnFZnQTWVXkab3f1IZKiTtX0BAT8Ym%2FJ%2B%2B94D8MFLkLqMLFbpHiW%2B75b6Orwa%2FwaReXs7n31KDtSrjIEQEH%2Bkl0tbmGG5XhoQ72nfwkFZWpBQ%2BAkgGcLyCXRuv%2FbvUxwzh6JeT22nWGslXd0q57K4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b41782091ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 228_national-day-promotion.jpg
www.allsgpromo.com/wp-content/uploads/ 43 KB
44 KB 1043ms
1043ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/228_national-day-promotion.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b268380c7810c5baa3f7e153c7f8153101f965ae8e2ae0d7c67cfa04feedaa43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44530
last-modified: Thu, 22 Jul 2021 01:40:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riLBstm4SFprZPoCBDcKiSN6mY2tWPJXUVKWvEv1GW46OyoBxtNTaF1%2BVdEpbDiawiYtO9APDQSEbkdO6hNHblnYPcaWA4qw%2Fkds2B2MDrZylVqx0X1DVoDAdZud2UaHIDGMIckiVa6lTIMFVnQe6Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b41782191ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 kfc-promo-menu-delivery.jpg
www.allsgpromo.com/wp-content/uploads/ 121 KB
122 KB 1042ms
1041ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/kfc-promo-menu-delivery.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e981afb38958cbf08f946f4824e8ccf35b39cad3db4c572bda8e36016ebb1f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 123862
last-modified: Fri, 10 Jul 2020 04:52:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlnbI97%2BcfjvolPZQSXQOIB6ykaQfEEq8OBGf7avQ0lEfMMn9EpL%2FNounIKzDbUL43LG1YARVDKef%2BWJ7h18%2F5rrJu%2FFFnqRgh9GvtMXE2p%2BrSlGNRNIrtSLqpTRLq31CrAiUVuSfr7LjdvVHUltYa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42290491ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 2_kfc-promo-menu-delivery.jpg
www.allsgpromo.com/wp-content/uploads/ 42 KB
43 KB 1127ms
1127ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/2_kfc-promo-menu-delivery.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0c4c0e977da398ee0bacdf66095b167cce4540db78fa4b482a1d7322d25add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43260
last-modified: Fri, 10 Jul 2020 05:04:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvCCmruXbptSUvlpTz8PnwaS%2FUM07buS25QkcpspXu6oCsuQP8m9iUkyFUbByLL3klOqJ9uhJx5ndrF5f75EfKHpjom1i3cRoQJtFyHkxb6dSiogJC%2FWJwDQ25oJxPz6F1KgbcHod%2Fuux1qnW1cQIrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42290891ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 AllSGPromo-Logo-footer-transparent-e1591641638129.png
www.allsgpromo.com/wp-content/uploads/2020/05/ 33 KB
33 KB 869ms
868ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/2020/05/AllSGPromo-Logo-footer-transparent-e1591641638129.png
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fe386bd2a4a1010a690c8eeb03051b34ddeb014e7c550d10cdc3e67ed3e5c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33532
last-modified: Mon, 08 Jun 2020 18:40:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kTYAqyE%2BVf4EAiYa0obsg6peVNnR0YUzKKME9DPQesz1L0O5IXcGd00%2FsB3xLjdklYgtN5oy3sWRyUvo07u%2FkAFzl9MPG251d4ubhWZaciIHFMv%2BeyL8ikDwO%2BmhJPcQXPRtVf5VSvl8EvSG9PYEaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42290991ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 telegram-logo2-150x150.jpg
www.allsgpromo.com/wp-content/uploads/ 4 KB
5 KB 813ms
813ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/telegram-logo2-150x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a42cf1b6ad4a91f0e87cee1b2a1ded7aedf6078711908425e238dc2bb2929764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4315
last-modified: Wed, 13 Oct 2021 19:26:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZZIXHdShsiBKckCeCr9RFQwAKIPVS%2B8jSNQN%2FNfJZHd9diNZKSWePEzSoPJz1J09KACEQdW4Q%2BfXU%2BFA6REv0Bh%2BUkzMJmXjo2vFAj9Mk1z6sB0UhJx7mJnqia69Vj3NGWourwPNIpdOHnc222UW%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42290c91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 instagram-logo.jpg
www.allsgpromo.com/wp-content/uploads/ 10 KB
11 KB 958ms
958ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/instagram-logo.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 645109c82e27a1e5b9fb571dc308b0a3c8d652e2208fa55b7a3ecb48997c2f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
last-modified: Sat, 25 Sep 2021 02:36:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FA7cqMQ1nHJGHAmcDP6Y0U2Aa0tjP9WDSck4N5pxwcNn0PAvorBFiG3NmpfTDfdDEgTCim32hhrDmrkB3PrlzstPsi1d1CxkPPht4dPxF%2FQIlDVp1gpjiOHisyXwxNcPvZ8Bd7M8OReGDvMvRxVo6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42290e91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 facebook-logo.jpg
www.allsgpromo.com/wp-content/uploads/ 6 KB
7 KB 813ms
812ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/facebook-logo.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d4778cb2a14b67e556546e2c08d1fade3afc1e4a5a5847a5d815002298e201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6532
last-modified: Sat, 25 Sep 2021 02:36:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F0%2ByN%2BSBFGm7wALk6ZTjIZVYhLojBUABZT6LNxlBZzBookSckQTUQlMyOnzWgVqzHVhba%2BadqE6xIU%2FQ5Qh%2FcOZ2JfiNdwMkUkbl4rmzyxpbPoLL0fNXYKdsXkt5VqTezyxZ%2FOhtmVDAmWSHp6Glko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42291091ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
DATA 200
OK truncated Show response
/ 521 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35a5cb2b1cac98c6c1b0f5fd601f48d4511533f383310a84c90da166a080bd6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 896 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d57ce93904c06952349358d4c27cab9027d7483d47460e3116ab6229b4050e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/GNBSo4vxTvo/ 25 KB
26 KB 143ms
55ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/GNBSo4vxTvo/hqdefault.jpg

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd383de2396c56e58e7ca6886438f66b07201f680485783b5794180bafc9e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:33 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25915
x-xss-protection: 0
server: sffe
etag: "1625036002"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Apr 2022 12:24:33 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/AwHhgETTcB4/ 20 KB
20 KB 222ms
135ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/AwHhgETTcB4/hqdefault.jpg

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe6bd74cf04e22f62c5a56c7a0929b1c6ae1a85d43e5437114980fc5ae97d3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:33 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20646
x-xss-protection: 0
server: sffe
etag: "1594019209"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 08 Apr 2022 12:24:33 GMT

GET
H3 200 youtube.png
www.allsgpromo.com/wp-content/plugins/wp-rocket/assets/img/ 662 B
1 KB 807ms
807ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/plugins/wp-rocket/assets/img/youtube.png
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fc28a845d8b8a279c9c867cb86cee52b6ddf9df67f91b0c6a15513848fdb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:34 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 662
last-modified: Wed, 06 Apr 2022 00:25:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FqZwW01YbCbUFT%2BV8U6XOqS%2BWA%2F2UR9eH7HZYtfaueK33BF9TJQ5%2BN%2BXaxFCJolxhIpfTJbxnA7BmG44LQEK%2BQzKt7%2FmedMx5GXe1omGC4pUgqXPxdaLyX7fW72vj%2FQMPjZddEsbwXQsyDRqQowcr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b42291691ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:34 GMT

GET
H3 200 jquery.min.js Show response
www.allsgpromo.com/wp-includes/js/jquery/ 87 KB
32 KB 37ms
37ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33209
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 22:15:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaQCec2Ur5eEWzf1qjp9x6coBE7xn7cm0JV%2FrZ07uoZFv6UWiHKe25EEQBhuXxIKApvf3Dlwnp99ZD3y3r3Sma1o%2FCOx%2B3%2BVf1N%2FA9Bn1YxSZqKhxuovKV%2FXuoVQjFys0%2FFykogrJZorTt5KB0pQFBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9691ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:06 GMT

GET
H3 200 jquery-migrate.min.js Show response
www.allsgpromo.com/wp-includes/js/jquery/ 11 KB
5 KB 40ms
40ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33209
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Dec 2020 05:05:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lH6S88r8lPAsrGmUlQpXGDc7YTI1CiuJDyCCk%2FT1zHLg0EZKBnWpbi7T9hpOADeZSUqftzE2WObp1L58kTJ%2BK2a%2FJGqdJtUxx8nflpxhh3Mce1bz35XECOn4gf0KLOwGnmSNKaIKUqZFdXnf9QigaDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9891ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:06 GMT

GET
H3 200 wp-polyfill.min.js Show response
www.allsgpromo.com/wp-includes/js/dist/vendor/ 19 KB
8 KB 59ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33145
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOy091dTnvrw63yfTHuhffW9PjRSptENDV0iyq2TXl6P2Ixr6qgH4%2BhmroxOdZTapoplm7KVTGVuSPxz9K9YkBkDOvaDpoNvaw%2F6d7Ar2mIKT6%2BZs%2Fq01mVf%2F4frr9zU6YjDd9BxVzJhCWOGJZOnVuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9b91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:12:10 GMT

GET
H3 200 hooks.min.js Show response
www.allsgpromo.com/wp-includes/js/dist/ 6 KB
3 KB 59ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33200
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIN7VQgqq1YZOFpCYArpHPtB6wGcb2HuQ%2BskIsy4HoHPwKDEfGxfEAwVcPBu9gxUE1PC%2FViaKZaEyqKn1jmLZqZOyMCbcoF5Vmy1NqPFtBGNKRdN3wdROZVSkFeMdMHxjV%2BdjPswSOHKwI5CYOk%2BAcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9c91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:15 GMT

GET
H3 200 i18n.min.js Show response
www.allsgpromo.com/wp-includes/js/dist/ 10 KB
5 KB 59ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38191
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcLNg%2FExlU6T8NemoAj%2B%2BoUfy7zK8cBV2dBPNxOocVPCyZTzHkKwQRcoBVk9B4EuZGtOB2HbEfy1ztpBXf74Rqdk8oxbn5tS0b21NT30xIP4k7Os%2FoNMaZ0lGds2F%2FoDt%2BgYejeZZLJ%2FrN41xb%2Bs0R8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9d91ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 23:48:04 GMT

GET
H3 200 jquery.lazy.min.js Show response
www.allsgpromo.com/wp-content/plugins/photo-gallery/js/ 5 KB
3 KB 40ms
39ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/photo-gallery/js/jquery.lazy.min.js?ver=1.6.2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351c770059b67522894025a987727eb0b98ed9f8b58f2757dd68086f5e82abbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204608
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJxcZGPMpktraU%2FR%2BQYaYsdvdTzsmxKfr6CBIjA3m%2B%2FDOw76ng3YjJJG6Ij%2BIybZFkO3%2FPMhdzLlFaDD4X0tF7rxzIDcOIHZteVYyTc4w2iF35YDhBJmGyOcy%2BMAjl7MEin2SxSdi0Ttwez1RZN1No0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9e91ff-FRA
x-proxy-cache: MISS
expires: Thu, 06 Apr 2023 01:34:27 GMT

GET
H3 200 jquery.sumoselect.min.js Show response
www.allsgpromo.com/wp-content/plugins/photo-gallery/js/ 21 KB
8 KB 59ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.3.24
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bddafba43cb3625fa505fe970604fcd060b279975397426db98d091b4db2997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oscGlzrTVQifRpDswJ8R0dwVlQHw%2B6de4RyVRFGsAjpgx3iqvV1ZcbhuRiFYiz9f7kwgObNMX994JmLw5k1owVpFUfCL3TkEMsr60my7eOMEX%2Fu3QtHzj9kFQaDD3xvcMW5SrxNKTk0VXy0E5JWh0ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9f9f91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 jquery.mobile.min.js Show response
www.allsgpromo.com/wp-content/plugins/photo-gallery/js/ 25 KB
10 KB 60ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa956b9f39aec424ed6f9411c71da1f9fbd0c77e4cdccd9089d394a1877d866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33150
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8dlslixNHexP9bxtLQNeSqv3eE72SANb9C7nd5uZpCzqtjyJbinYpE1zP5JSUOG2KvpHLZXCko6hkrVBxB%2BJQQAi2h0a5oFTvLDwlWCR%2BdX6Zal7aSO%2FUYcXztkWfAqCaCthjVb6MvBPVZZXegNS3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa091ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:12:05 GMT

GET
H3 200 jquery.mCustomScrollbar.concat.min.js Show response
www.allsgpromo.com/wp-content/plugins/photo-gallery/js/ 44 KB
14 KB 61ms
59ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d281c3057af206c0a210770246ef115057cd21081778be6229fd85f4a99d18bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1590987
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Mar 2022 07:59:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv9kobGpmzwJm00ov9eIYv6iIm6kIJRD040PaCc7duPK5Bjk78%2BBf%2B%2BwrGOVfYxX0tKsOR2ckC2RCFmPOsdWXBvPHgaL3vdvTAs%2FYiD5yz66V%2BA%2F7K2g2SaBYcaAoLdX6MJeBAdx8WRAWRONEKViRGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa191ff-FRA
x-proxy-cache: MISS
expires: Tue, 21 Mar 2023 00:28:08 GMT

GET
H3 200 jquery.fullscreen.min.js Show response
www.allsgpromo.com/wp-content/plugins/photo-gallery/js/ 6 KB
3 KB 62ms
60ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e959dd8ec932148a2df2bc3f2d63d9fe02104910a31ed6dab421e96c03692088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33150
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzhIvyTDP8ctms%2BV%2F6%2BhsXsxExdDxbHwqwoZnopljbCTBpZezbmcnUP%2Ff%2FnOwsijAn5%2F5WUEXFMN3qCFlx3OTswrTbJm5cUCPDej%2F9PxerRUyIWw1YqTp05qa0SJ%2BIU5XxxrTWSJMy4dqnXHUk%2FCiYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa291ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:12:05 GMT

GET
H3 200 scripts.min.js Show response
www.allsgpromo.com/wp-content/plugins/photo-gallery/js/ 182 KB
33 KB 62ms
60ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.6.2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cef8b381fff72ad59cd4dbb5752a71f9e4b600a5e84d1788416e1bcdbc695b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:25:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfF6%2FBh7SqeSj%2FSFk1ceyAwILLLpp%2BpvCeMSsvVnI3DJdxPbz1Td95NIHdTQ2cn8v%2FyYcwfQVG8D3yWWYpU%2FRfiC87vpg9s%2FBkUO9OSgLx29UWT3OyEXY6o2AHRY9atuMILCl2Y5WwzTFpebV%2B4EgTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa391ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 Popup.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/popup-builder/public/js/ 38 KB
9 KB 963ms
961ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/popup-builder/public/js/Popup.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48de5b82cafd0efcd96c16f18c6d69d090cc163192f4f8130b2cd97c35e2445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5812AMgtRMuwm2VpgYTvJDlt6yzsI0Vac8Q20EQIpdoJpPumPxoVgE%2B94w9pKYEhUiTe570X3A%2FMBx%2FR47rtL0oqwsUBIhiY6zkZNZ3BEf9mbZmHfa5qVhW%2FyX4x5LnFeXe1%2FKFOdwncrpqTOH3H6Zc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa491ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H3 200 PopupConfig.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/popup-builder/public/js/ 6 KB
2 KB 803ms
800ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0c242e40e62548f73ad41c48c1e8cb77a89e594c22a20496a66827584d468b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7a6qMNPnSaehLZF9mlHlX27IXkVGoJiTMxxB5AdGigQc5aAO7wcmoVEO7H%2F94S0jTccL9MM1IyLgSVSCTFRS7L5Xx9wrN%2FlUhw1Yo%2FnpUp1ortjgzk2%2FTKFglyFN5sjg66baGxDZ0tbkzXgsEI1aDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa591ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H3 200 PopupBuilder.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/popup-builder/public/js/ 63 KB
14 KB 885ms
883ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c120a2893e28999493141f3aadaae814833818ac498a09cd6de874763d70d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhBu2cbgaovB2bmjDLVp4uFrk8Y1ulb7NFEWG4hJ%2BUwBFi1uXTeAeYAR1TiTvnRmsP2g0HKMgTnOGZQR7c9IdKHkBvcJILPNylnAcgSuJziPd1okeAYpaoAGU4PA8GmU%2F3T8SPCILwQX4ZO9rkyHUu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa691ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 31ms
9ms Script
text/javascript 143.204.98.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-73.fra50.r.cloudfront.net

Software

Resource Hash

414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:22:41 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 131
etag: W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 1rgw0MwgBKRukn6R_958gtk1HzMfbsh0UpgR1vboE5S7K5C59FHDAg==

GET
H3 200 main-front.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/wp-automatic/js/ 926 B
973 B 39ms
36ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/wp-automatic/js/main-front.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6534b0c6765263da1df9c4a4935e353e6e58943768766f9ea2742258f1034613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQJODbWnxsyQjs3AQdmncW96HfA85Y5xaB7UTZGiJOk2%2F0ZGNSV2ztSoeePlpieVMBNkUHHEHrY4nn9yBQ3es%2BsUlIBJ%2BhHnA2H0gUh8M3690CzxNC37osrZP9s5BQh9XTF2eqksa7asxxueluCfMW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa791ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 main.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/wp-coupons-and-deals-premium/assets/js/ 21 KB
6 KB 39ms
36ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/wp-coupons-and-deals-premium/assets/js/main.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ce15c2549626507c8bf48d33e32b24a74a22739520ac696c61e8321e27bded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 643637
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxmkR8p%2F7BxOBrfOrZQKexQV6pYp%2FwRTruiNVcudyQ4EecMtW10orWZIOVUN7r2eKteOc4ydSG9WXe2lVxJdxM2yTU5HXxvnE0yfOegcdK7Ttigq0GOXM06uFddBFmYyFsyj%2Bnh%2F0cOoUSCesbTKpcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa891ff-FRA
x-proxy-cache: MISS
expires: Fri, 31 Mar 2023 23:37:18 GMT

GET
H3 200 jquery.countdown.min.js Show response
www.allsgpromo.com/wp-content/plugins/wp-coupons-and-deals-premium/assets/js/ 5 KB
3 KB 40ms
38ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/wp-coupons-and-deals-premium/assets/js/jquery.countdown.min.js?ver=3.1.13
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Mar 2022 07:59:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnAIParQeUjLHl5IooPV7TDzSSlHzwJyO5IgAWcpGAOHSud3isjz9pQGNwNnKaiNtW2SyIa75MpNC9SfXJBzRK1EHnxl9UVzWqBS18Y8KQS5UJ%2BUrYtqH4Ile3ZdolbsBIOpr1nrk8m2JJae5Wawt%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fa991ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-gdpr.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 293 B
849 B 41ms
38ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4007f2f1679d321eb40023d03d99d30899145bfd402fc7be5abdd50ad41f4035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116273
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dND1yO8NQUfxLqRGcqrBsE2Zk0CCeIiSHzgvCWKJdY1MDRdzVP%2FBiexEkGVM5SZg473oTo7TR%2FJQB7lzdMnFq3ZDg8eQzcz1IUf%2FEeVr6q80Qs7FwlKK9YpNA8rmTsmxKJvS83ybmP72bbHMBPoOMds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9faa91ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 02:06:42 GMT

GET
H3 200 ats.js Show response
www.allsgpromo.com/wp-content/cache/min/1/js/6588/ 120 KB
28 KB 41ms
38ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/js/6588/ats.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a321dcc98ee1a0c7a7d260d62d09ea99a618c8f5cfee90fcfc005633980e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHF8Z94zcHkXjepUBhv6YQ%2FKqfWTZ6E%2BvrjrVA0TZQPjftuX5FzGHq2DsPRY3Jlui3PDeehnV5pGjWatIarLzHvLS5YTXuUUySKo1mYeHYRk4q4G3zUH7vyHxnYY%2Fu3mxq1V%2BVQD%2FLFzfYN9mVE3ix0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fac91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 effect.min.js Show response
www.allsgpromo.com/wp-includes/js/jquery/ui/ 17 KB
7 KB 41ms
39ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38195
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:51:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgAMpQsZ2SAg0BNvRhmLZCQwdS3C0DrVkt6uHa%2BUs3DQs8aHQUfn%2FsnFc76JXv7bph%2FA19uy2iUqVqBwAsfzmBxWevRBKBBSFP%2FgkG2C71RD4OSprgdvKrmGgWDu6CO23Fa6M3lkiNIvXuqY1sl6fg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fad91ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 23:48:00 GMT

GET
H3 200 comparisons.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/comparisons/ 17 KB
6 KB 43ms
40ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/comparisons/comparisons.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f8bfec79bef0a7e60cea9a19a496e8c6be6f83ab1433f20a46c7248f48d7860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6cxlchteAT012OUSI40bBsJxIqnHtYdp%2FCX6ULIiJ7d5xPUVhy1jaNP3oYfIqF7mr%2FIIXXImgUAuunVhydzuzBGLnB8qtoX57MUtpH4KF5Fc6Oc8cpjLXtUc7XkFhAa95f83Nnh6juKL8vHSIiJkQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9faf91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 page-scroll-to-id.min.js Show response
www.allsgpromo.com/wp-content/plugins/page-scroll-to-id/js/ 25 KB
7 KB 44ms
41ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843421
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUszkJoHwnMzFJMuKZbl7aovVCUHAc9xAOcfne88Bj4iSZEpiW1mmmT3YH8NBTDe9x5gp2s5jt5Efj0gK8NnVwGT9La7U7mDKHSjZ7bByxgZQ6vpcIwt9Lrv%2FVvW1DvHvYQ8bG7%2BvZuuHtf6MuDFZPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fb191ff-FRA
x-proxy-cache: MISS
expires: Sat, 18 Mar 2023 02:20:54 GMT

GET
H3 200 ta.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/thirstyaffiliates/js/app/ 4 KB
2 KB 61ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ae7618c82d691f1be5f93fed7fcb3260796a844220ecbd230f6787e823a635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 643637
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gb89TJKzR38IzIprB8jwQa8qiaIjLS6pHiCKBGLJGgBxTXoagw2UqoCf%2FVFFeL7%2BF70CNBThB524ZRhaqr5FYjIRmKXi0L5qTBGYp4wK8ji%2BwQjKiVAuCivJlaF4vGriqn4y0WZQjEXLhoMja4VF3Z8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fb291ff-FRA
x-proxy-cache: MISS
expires: Fri, 31 Mar 2023 23:37:18 GMT

GET
H3 200 main.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/affiliate-coupons/assets/dist/js/ 11 KB
4 KB 44ms
41ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/affiliate-coupons/assets/dist/js/main.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586bf973746401af1109df3611b0b831395b7277f2ba8ee6994e7a33f9bcab4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcTJMec8zuyplUw1QNdfGpeF%2Fafas%2Fs9m5uEnjsE04%2Bal95K%2FtdXN%2BObQ9uXwfCLcuwYopCukhty5jUgOW%2B3yqtQponFMxJhS935Z5UN8ESyfd85zyqjYcY7g%2B5%2F4hUds4bLOxfmzUk%2BOfWMJ%2FKX7Wo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fb391ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 main.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/affiliate-coupons-pro/assets/dist/js/ 33 KB
12 KB 44ms
41ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/affiliate-coupons-pro/assets/dist/js/main.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6128f352d7f2a159a7907f65da647c78bb3fdd190cdb7b15cae1c571631201af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCP0oLtG2bYYe5sh%2BWy6pXH%2FqntbXGBKnLC%2FFMw0s29DMKwGE7eNokIi1QF1eoRgx2vqBDqChw%2FAdew%2F34YwRAQwJlpJuHobZ%2FLNSP25oDC%2FisQaI2iPRAc03QzEGB3hA9tjdYBdv30OaN%2BCvFXupZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fb491ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 404 my-script.js
www.allsgpromo.com/wp-content/themes/Newspaper-child/js/ 0
0 978ms
976ms Script
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/themes/Newspaper-child/js/my-script.js?ver=1.0
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bpf03GcGXqKd%2BOEbyFBtML8u%2FuXTEIGXxA7If3%2BqSjoFf%2BleU1N5ZEiNqHZGyLGEFfQAPetAdeo7M5J78CUOI%2B6MKky%2Bz5WxzhipWcIfrTnoEEWhaZBOyIdH2EgDAM%2BQG9bwzLOR2y18%2BgnBeeD4bgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-httpd: 1
cache-control: max-age=31536000
cf-ray: 6f8a4b4c9fb791ff-FRA
x-proxy-cache: MISS

GET
H3 200 underscore.min.js Show response
www.allsgpromo.com/wp-includes/js/ 19 KB
8 KB 44ms
41ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33204
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSrxYwiLSz4EOPLneSh0W9lhcYZVIVHIh%2Bz1DvjsOBLJ15Nbw7gbARCbt2k96i8CtBnzftDjMOqErqOGTcMhvLUxkQR6cyyhphpo8HmZtV3ABg33VRC7bJTE6b39R8lW2cQlUyycwtMkbX7%2BieLQFpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fb891ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:11 GMT

GET
H3 200 js_posts_autoload.min.js Show response
www.allsgpromo.com/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
3 KB 61ms
58ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=173ee1f64e1c2648598d8860d0189118
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116273
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 05:17:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D74dvQHZgZbnMWpFtX%2Fogyr6J6%2FU7NiqOZmTMotYleH5SknhMglWTrvf8KQr1mOQxH8uBv1KQA5t3txmulwB8QAw4HUB%2F%2Fac2pOZxtbG26uUUaXjaom2WxC0LQ9IJJe0oUcO6oF4gf6GEDdWdBOBy5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fb991ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 02:06:41 GMT

GET
H3 200 tagdiv_theme.min.js Show response
www.allsgpromo.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 270 KB
63 KB 61ms
59ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e828a7232d1ec5c6399eb7f6f4beb5e9210d4468a60ee34a16e7f06278c87caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843155
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 05:17:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8klyS4of%2BhSp3fqqCkpBiGX%2Bxvb4VqYBsN7VdJy35Lndk2vvrYucJlp6OjPcg%2BS1N6rDVjIx%2Blyplqem4WrVbywjaJ2mvKtGqQoXzFtirJHcqaZth4AZXQeYBR%2BhfvXuPEyYlWTvaYC0yxGRyRuumfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fba91ff-FRA
x-proxy-cache: MISS
expires: Sat, 18 Mar 2023 02:25:19 GMT

GET
H3 200 comment-reply.min.js Show response
www.allsgpromo.com/wp-includes/js/ 3 KB
2 KB 67ms
65ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/comment-reply.min.js?ver=5.9.3
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jraRWewgiakBLoECLlj7gFfB9o3E2h2%2BfNLo3S53hPfc2d7pn%2FiIJvvsau5VfLa05QVT9bHhH7mwCXsAHhf%2F4tYmEO8x75bQXxgOvLkX9%2FzFvITwIZqxilF0Xm19cMbKpaWrgOpN%2FZYVobcsi4aGwx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fbb91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 clipboard.min.js Show response
www.allsgpromo.com/wp-includes/js/ 10 KB
4 KB 67ms
65ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/clipboard.min.js?ver=5.9.3
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 22:15:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uhNFxPKw1B%2F4BPhEelWN%2FDLdsS52j4C3d0QrpORLY%2F4S9bPdF67ti85sLDqxHje2hKf1Lte0jUZ1GHGPOFRo2uBCT0tUN%2FpPYlIj%2BaEDmSI8Z9u4HQwRjsl8QBN3Qx1C5riXxmR0CMUxpuiYjpBj7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fbc91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 select2.full.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/select2/ 77 KB
22 KB 67ms
65ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33203
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHkqL5AVS5v9tY97XkW0UjcChasdTTaPNmIs2D0KXug1qj8cs2CHaqD13Pn6IUFQrVzLZoLFRSIlx9VvudfxshQNCobpJVNK9xjRyaBYBIH5%2BFf0Sy8PP2leVYGvXZnVvEBwGGcZDDd8bdxhy5v9%2BTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fbd91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:12 GMT

GET
H3 200 wp-util.min.js Show response
www.allsgpromo.com/wp-includes/js/ 1 KB
1 KB 67ms
65ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/wp-util.min.js?ver=5.9.3
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 22:15:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2PpCY0RpULvTOojjFbHxDT5jmiAbLOmMrbsU%2F0y0bsk8eiAlej%2BMxbdUk4OUveSMjh%2BVnv6aSyY0KVvr%2FvhGrZFbpU6uKKzxN2ACv1DvFfGRU2Xux7MhH1WpcpN3Grheexa70ZvDYlnVx6TgIXDZAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc091ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-crop.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 17 KB
6 KB 68ms
67ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6190530649973d19d29d4949a6e56f25df9aefe200708f21f9072b32eceb07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33202
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM61SdvrtSsh0v%2F%2FQYIsubynilfNb%2F90RRmRU0pHhPw2sYtX%2BkKmSe9MLZsl%2Bi5hWA2iqPjXdns2UH5UZZwdnADbSVaOuDP%2FMY2OQcZnDNqP%2BaF%2Brpx71KydjWK2qiK0qJCR%2Ba7%2FC3%2BhxehFC75CdBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc191ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:12 GMT

GET
H3 200 um-modal.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 5 KB
2 KB 70ms
68ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9332b9320be6c80c3b29a66781aebe0fd6638f661a5502b06056658c5c84180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38192
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUD4vt9jlsGLhz4mv5CYD1i4Y96W%2BQXb4aM5HAjTKOj8XDK05JKdutDjHviSwLWhL9%2BbTiwUyx9tY02fRoSsf5afp8KlaGzSrNIhaF5wBqrfps09FT7corP1cicCq62tcrjVD3qmo60pBGeoptcjnow%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc291ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 23:48:03 GMT

GET
H3 200 um-jquery-form.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 14 KB
6 KB 70ms
68ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e07ac69c769c8e081772b87b5f88a134ff6239c33fd4d9e230da69d87375665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38192
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rx5Q2brDMFJwCPJgM%2FUhKdMm2eWgkXvCMRV5P1KNqjScM7gMDkfGFQtSwiirmIM938oZ8EFHwb8nyxU90wGCAB3dM%2B80ilZGh4961WwMjgfkZpzZTY9gjL29NlwzCKl5LC7Tm9o7nXuS7OW%2FPB7m7qw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc391ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 23:48:03 GMT

GET
H3 200 um-fileupload.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/ 9 KB
4 KB 70ms
68ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e1f46ab25e5766c609ee647af355f0ef58027337739daaa9b3f28ac160b1114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R1BIWD1KOhfeOrb265Qb9AGxSepVmBhu%2BhrnEkWPvKAibQqTDiHArNS5mUBbQ7JvVPLspltCjlLMW3dJBMY56%2BhtBbhrImsPMJkiAXd5HKYN2zy5YvrUXKlU1ABnjQBJNOKpP1vtGv04cgjvHCo2OY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc491ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 picker.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/pickadate/ 13 KB
5 KB 70ms
68ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58df9f91ae65959c67532063ed408e763cf53cb5d8c71ab8398526b0511aa319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8lONKr8rL%2B%2FinXKfDEoH6o40w5Axm6mZhB5aEvucY8AvKFXXfC7SDhcVzF%2BzaLGGZCxgzFrGk9Z8uJwQQvWLANR6a2F2bKVvQDzRbXn7HWHjkC7hG2Nc6EwAjYSUvP%2Fn5AX1eYbZME%2BtVW5l4%2Bak3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc691ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 picker.date.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/pickadate/ 21 KB
6 KB 70ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401ae8992f4231d8b0c3d056aa8f1a8f4fbf9e500845c2676a95ced2f963d9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ui58hGe6AzxIRbeQ3S6xx%2Bs6XcDVdoSIJtgLPGYvd1HDACAG4mgRSHj0GNrd4oze058eyC8R5uCAyD59jTB2EGCmFGNpMhXKATCuQ6Dgv%2BREs7vVphkjF3JE6HqhprVwEQ6nlcUghOx1kKRi96lzOeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fc891ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 picker.time.js Show response
www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/pickadate/ 15 KB
5 KB 70ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/cache/min/1/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=1648354358
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8082bbe9151c82282f64f54885639d4887287345a1fd790e7a6be7ed3d205ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Mar 2022 04:12:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPARNaYq9yHfCuBpz4qtUcWkiE9ikuPtpn57PqXEZzhIEmChw4%2BMjwkTtyq7lzRuN10Hb%2F%2F58fOQZ3U%2FaG8xq6rpMg0%2BKaSKD8GqwqfYSqz4gV8blQYeMmmw%2FYrrVlJLf6X0mQFdiV0thbsGAtnR59g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fca91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 regenerator-runtime.min.js Show response
www.allsgpromo.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 70ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5477800
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 31 Jan 2022 13:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LizK4Cy3yfDWjryVAZ9RIYZkNu9g74lYIKTSuXpCGl5KOJ2lUHS9vXqOhgmwoLg4yw11sM3%2FNxEriB0r9I8FLPsDX96PWNnkMNqiknHlxTXSFVgi3lnCtQzFKJyNFc9J46tISpQ8LslC88b1g2KgPwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fcc91ff-FRA
x-proxy-cache: MISS
expires: Sat, 04 Feb 2023 00:47:55 GMT

GET
H3 200 um-raty.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 9 KB
4 KB 71ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edea5d3d3bcb85769aba86162ba0cba0c1b704613663745c4ecd6408f7a46dce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiu2qTZq54AMgvLTXptbdo5rT9Cg4E%2Bkas%2Fz27gK7rbnudKKMjTtz9eGJbRJTA8YjkCYQ32muLiKlgPB3WihnGxlvPaKWEovWY3xjwI5reRwYK7ME7M8jIy6A6Nm4mKXRQtAP86bjuwLXpK1oAaNICo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fce91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-tipsy.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 4 KB
2 KB 72ms
71ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a724edf426a0474a486cbe90b5c61562fc56252b00ec524681fab68e17c92800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116273
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ31TogADP5xa9lGW3DAjlAWr4hEo6iEIC%2FVFGu1eD5hae71KADTrSn1M%2FpdsihdwLC8GXJY%2FbKwgTlNX0Nz4v1qCa2KfJuMpThl4FcTU8d6rVZSC%2BbkF3%2BEVGd%2BCj2rSAMLhLIn0f2IVEpZEN3K0y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd091ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 02:06:42 GMT

GET
H3 200 imagesloaded.min.js Show response
www.allsgpromo.com/wp-includes/js/ 5 KB
2 KB 71ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Aug 2020 01:44:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZgvg8OB99OemxJpHbmIsomgImVPhMYVIvN0%2BSrN%2BfUMHcp%2Fo%2BZ7uEJRtPNIyLz%2FFuHzfgmern24cl%2F7J91LH6Jh5n2tHa9ayoC1pAzhB0T%2FEPiAHYrlZRlFDW1koG1eJnV9uOh9vynkO51JMSKkvDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd191ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 masonry.min.js Show response
www.allsgpromo.com/wp-includes/js/ 24 KB
8 KB 71ms
68ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Aug 2020 01:44:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8seQvplFJLivLyEA%2B6aUgs4AC0VLSlkMcwycq9oBJ0WeGES7QL4E%2FV8u%2BECPwoFk6hBhRtLIho19K9DGLQxfavIyIF3lbDqVsmOF%2B1ytMV9PSmQmiAd%2Bj9TNNxL%2Bw2R1ETd%2FnMC1w6syPf3E5jHMKcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd391ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 jquery.masonry.min.js Show response
www.allsgpromo.com/wp-includes/js/jquery/ 2 KB
1 KB 71ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6246112
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2016 16:25:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE5ZDmUVE1gP0w2xGEYfnbDyC5XkaY61cEaQtbre0vB9mV7SDrUZrhc%2BQwm7xT8hio%2BVFLcEP5wbB2ONB1XX%2BNwnRJumykA4%2FtF8IkZ8JnSeQyArTBWqpXlhFQD1nnGt4UanBrs6hPar1uuv2KmQWQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd591ff-FRA
x-proxy-cache: MISS
expires: Thu, 26 Jan 2023 03:22:42 GMT

GET
H3 200 simplebar.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 44 KB
14 KB 72ms
69ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c2a28ee3c5aa3e01481f2db83ec156421bf9f729fd8803c12b5c6f2d275e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtHoq2LI%2FEW6JXHi8nW7J%2BEBqt7H4ma7FnaQsAJirzMlZ7xv0cZ%2F7myj3OzlTsEbwuiE%2B5aMW1b26ZoOg990mgSNgIzUUz7%2Fz%2BZGFFcAjtLAvj%2B%2BTvir98hK3M3P7FYqxIWlI2s7icayqQCBDQT%2BwP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd691ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-functions.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 15 KB
4 KB 72ms
70ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0788c325fb064269e221a854cd4278e54a36a8cdca7df0813089af92a2438b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezuMReMEVRHkelUN%2Frf3dezuRRYorTanQ2pVfvlf0W3wAnfFLXfS1L%2Fz47MPyuZSLG%2BNwN1B%2BCq%2BKtMYiJosSst5Vr19rCDxPAzmGYEvqQt6jlz3XcxduTVfSoJ09Va8E1xt1ESzSduhqlPzN1EK0wA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd791ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-responsive.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 221 B
805 B 74ms
71ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd487d7308145c275b6d459f8a3f5daa0271d1d4a71a23bf1401411fafd44d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkdAAA%2BUi%2BfozlsMd%2BHb7uGe92jv1P%2B1mFbJZr2cWIW%2Bt26Oj1DFD%2B789RDJViGgd4T8rgFo%2B%2BXlfeuhQpvTd36e0l6uAgkpogDTu6WrobgAiG6VnybKBhANKBP66Kv2QvzF1nbq6eYvtXBzT8kacbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fd991ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-conditional.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 10 KB
3 KB 74ms
72ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9304ce5a99f364804781837f5cf100e52467b63de15323b805707ad4c55b2468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33144
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtkqcNGcu6nSWdx0uep4HxWhadz9HUvmWeA3XAu2zQjfeJSo2khKUbm%2FjTN2IAYZharvyncG%2Bp3k4AR4scLvuD0UDdLeRdtWVSQ%2BqC7amCbu7qishXtq3kIQ12tCQma7uJc4Vb%2Bql58VK3AmVe0fOs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fdb91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:12:11 GMT

GET
H3 200 um-scripts.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 12 KB
4 KB 74ms
72ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7489db91d3309740ceec2578f7c0e50e1d86c984929dfdff479ac972b602d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPenvxBzf6BQ4ffuUxaKh%2B1fiOXJgG8xgZjGvni%2BBsEZ5C2g68SRhh5%2BpEg%2FmR%2FF0RRoFuN9G3jp30tSXzdyvvTfKsTI0uJVWJZ%2FXX2aZkwUCaN4d3w4aOi%2F%2FHHSZSDE9djnQ8colXHHpRjzf2o9bZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fdc91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-profile.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 3 KB
2 KB 75ms
72ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a87059d0aabe17ea975569e0c2f1c02918a3ab8e9aa6e2b1c7045b3cddf7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dm7cICrfNqdtkzEQn8VUEsehzkBTTrNLCc3tAK8iXHO9QEwB9rpHYmvdCd8WjJzawTQYUVjHRErx8Sz%2BiqaEe8NQMl6lrJweYtzlxDiP5djif8HnZj8LrCj3guH5EwH9MZNGibgzOelmKIK%2BUm%2F7vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fde91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 um-account.min.js Show response
www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/ 3 KB
1 KB 75ms
73ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.3.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784140381e8ee53723ce52eb600797f90adbbd5ce54b2ac80b91bf3c73f49856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38190
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Feb 2022 21:53:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gRIxn1%2FpKK6FJyL5ky6BcempQb0SeBGH0Gd0zj5Fv02qnB7mKaoTvefXEFmcbReQkKXYbD8taP4tYRO%2F56UhS0YAznLp%2BGbZ2Rk2Ip8T3V1s7Dhw6vSG4IEzBca0OHwkSxsGJWhGGwlUQFdAQ5yv20%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fe091ff-FRA
x-proxy-cache: MISS
expires: Fri, 07 Apr 2023 23:48:05 GMT

GET
H3 200 js_files_for_front.min.js Show response
www.allsgpromo.com/wp-content/plugins/td-cloud-library/assets/js/ 39 KB
10 KB 75ms
73ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=173ee1f64e1c2648598d8860d0189118
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc864af587c997738a2ce74710ba4276cd281b1b9a3724140b90aee7a2f969b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33199
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Mar 2022 05:17:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEtoWrQql4HYK0JituDi97KVqm%2BJJMRBe8inzCsQ0e33VugDpY31urehY32rWNJMnl5%2Bf%2FRl2FJPflI07iaSSZAuMpeP1VRFg6B0397zgHIJUv9BHmKbZdyPCDCyf%2ByY%2Fgo%2FdOjfJRxMXhJdibMYRig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fe191ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:11:16 GMT

GET
H3 200 jquery.smooth-scroll.min.js Show response
www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/ 5 KB
2 KB 792ms
789ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:26:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98nlQeV6BDEhayxCpmTY9KmKrokehX9c0H9Co4A%2B8oalcCEXmbvp2Sko5ZQMQqlO%2BzdzlHrDy%2FkORh3GtvbZ49ubVaY0qxAgeaNaBXVgC3sbfRrZyc%2BtFzYDWme9A9pcgJwqzZqtlSw2K64P5AD2uyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fe391ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H3 200 js.cookie.min.js Show response
www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 2 KB
2 KB 780ms
778ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:26:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvWUigBBRzIWpBDcXQkGiGzexwJCl%2FWxd42T8Zgg%2FalBdusi0yJBsucftn1IAbyC20eXZmc%2BqgM3yCzZEo7etQ0nhhSd%2BCYBpuRdVa6pEGUTQzaYhESBB1xLVAsN9nMsjs%2Bc7iGqlbNZvyUlW8DTSso%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fe491ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H3 200 jquery.sticky-kit.min.js Show response
www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 3 KB
2 KB 212ms
210ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:26:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlLkLl75GL5rbaLEuyECNrqFLNCGd9F633bk6xj35x3OaLcor4eML%2BZh1MDQgrIMBsRSpZGuWHnYcXDwUI4HUhkfQrKW11Otj35KrdBICtuEBFyF5opf2cvbdHLDxMi6lP69rrNdnRKG9YX6SctB2xo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fe691ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H3 200 front.min.js Show response
www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/assets/js/ 5 KB
2 KB 224ms
222ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.18-1649204764
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:26:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGBaNKDZWOkpg6QFpFcs2D1DN98XYZ4OCFUnr0W3Rswp7J7UXjvV%2F7gsteH%2F%2BGPIcghmRFiVgfQ%2FrEoiRxod1DIPVBSii5BjmU87wCEatObfRvFWXkG5pNqY027cD9I4ZiemBTO3nuFWJ9hSnJqyHZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fe891ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 10:24:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 145ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167532065-1

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

584d26291be42d438b2e2cf8ea247e846c3510b34ab050a84483839d4524ebcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39139
x-xss-protection: 0
expires: Fri, 08 Apr 2022 10:24:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 152ms
60ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7357824870962864

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd1d9485b02fce5894bae0c857d2935dd022b2f6d49c9608332db95523b5b485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54094
x-xss-protection: 0
server: cafe
etag: 10554869096536720248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Apr 2022 10:24:35 GMT

GET
H3 200 rbtools.min.js Show response
www.allsgpromo.com/wp-content/plugins/revslider/public/assets/js/ 121 KB
48 KB 75ms
73ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.9
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32153
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 07 Nov 2021 10:11:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6x%2FAzTSmNgZGToWQLglS6Llp3VBWKa%2FJpKtUDwsMp61NypBRvtVPGx2jbJg0N6G0YS4oKEF%2FOXD1w2gATQZNI4q2zJEJgZTVXRUGePgu0sDey2bPDoRa%2B3udklLRXllq54QUgQCcwjsM4UbhoQ930s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9fea91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 rs6.min.js Show response
www.allsgpromo.com/wp-content/plugins/revslider/public/assets/js/ 372 KB
98 KB 80ms
78ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.9
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ececa11daba0ee1c5bf9c56ec4d40be9e455e69ffe1b61a1e7d08108f4699418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33137
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 07 Nov 2021 10:11:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqa9wmchajv2VigBBz0mlekmz9juzPItWb2WomXbuSw%2FccghArxEHQ%2F9kLePRc3JXeFY%2FfhtPImCplQk7hCvD%2BGCi2stNJPiXra77a0zHzReffjzQq%2FZjB67yUdz2SxCAsOtvoGPTSJkSlB92TY782o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4c9feb91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:12:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 140ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu%7CFira%20Sans%3A400%7CLibre%20Franklin%3A400%7COpen%20Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&subset=greek%2Clatin%2Cgreek-ext%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&display=swap

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6884c73e2220dd8fdef43d5e2456a3c5b563a17dede4026eab900536ae06a62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 10:24:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 10:24:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 10:24:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
33 KB 84ms
84ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBHJDHZ

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ac881f7d109972f86ca68dc4cfd626518a7ce22cc7ebb96603997a2eaede676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34073
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Apr 2022 10:24:35 GMT

GET
H3 200 css
fonts.googleapis.com/ 20 KB
1 KB 96ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6884c73e2220dd8fdef43d5e2456a3c5b563a17dede4026eab900536ae06a62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 10:24:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 10:24:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 10:24:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 30ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: mb9vqtyFPJWFzO6iHyjUeXhD0XqTKkqX83QNOxLlvVEyevCR80BUUMtSrAdn+8ibMPo7DIz9l+ClAXEOw8XdDA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Apr 2022 10:24:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 lazyload.min.js Show response
www.allsgpromo.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
4 KB 22ms
22ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32152
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 06 Apr 2022 00:25:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3NBjCqWCqcburoVQPaNUiUf1GOKQPAvtUhLGnoizZCEmjlHUH3T4gfGeLwnyMm9j87eaPJpH3R7N%2BzlsAdFIzv0AumSSfbfGyeFBlx%2B%2B1Qr0fncgKVNjhPZKOjTI4VB9amlvEE2M7%2FcigWSCWDhwOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-httpd: 1
cache-control: public, max-age=31536000
cf-ray: 6f8a4b4de96f91ff-FRA
x-proxy-cache: MISS
expires: Sat, 08 Apr 2023 01:28:42 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20656
x-xss-protection: 0
pragma: public
x-fb-debug: Wwj9xRhurvtNh+Rq4wVLI9EqMX19TeOpVFPUCCDtHxEkLUHcOyoP/XUWV4Fc0fkKC4/WNC9+hqapRtAQFpvx+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 08 Apr 2022 10:24:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 573970880245811 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 76ms
68ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/573970880245811?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b270053614364ea0bd75315fc1dae765cbcb054fb886298b187170f391ccec5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: A0+v70QLzH7hhsUl6E0bHsqOqJRkgPNvjbip/tY1RrcmvPC9/WRXHYzllL6cXLaW2HOtAmGzuQg2g4Icl09awA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 08 Apr 2022 10:24:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%7CFira%20Sans%3A400%7CLibre%20Franklin%3A400%7COpen%20Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&subset=greek%2Clatin%2Cgreek-ext%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 214745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:45:30 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 210ms
123ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 214745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:45:30 GMT

GET
H3 200 newspaper.woff
www.allsgpromo.com/wp-content/themes/Newspaper/images/icons/ 28 KB
29 KB 31ms
31ms Font
font/woff 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-content/cache/min/1/6faad0fd24dcccd73c21fd9d22f8fe5b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer: https://www.allsgpromo.com/wp-content/cache/min/1/6faad0fd24dcccd73c21fd9d22f8fe5b.css
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1593814
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28732
last-modified: Mon, 14 Mar 2022 05:17:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BpfxLw43gW9HhrQT7zSP9X0YfL7oVumv7Hu6R2WqRVlmMK%2FdkIkO5rqrovUjog%2BBlOElhyvUxMlufJiqBsSGky5J5K74coLRLmwA8SJBpAtyUqu3yzTC3Zumbcdb6TFuW0n7WC%2BKVbfzOte7qi7S3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
x-httpd: 1
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f8a4b4e7a2e91ff-FRA
x-proxy-cache: MISS
expires: Mon, 18 Jul 2022 23:41:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 236ms
153ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 190277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Apr 2023 05:33:18 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v15/ 22 KB
22 KB 240ms
159ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v15/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:32:11 GMT
x-content-type-options: nosniff
age: 139944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22592
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:05:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:32:11 GMT

GET
H2 200 jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v11/ 14 KB
14 KB 244ms
166ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v11/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e9ff60e99eb7a8a449158073b0cb20b5227d53cd609d1488375ce41aed57649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 21:05:20 GMT
x-content-type-options: nosniff
age: 220755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14060
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:34:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 21:05:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 193ms
141ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 224200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 208ms
162ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 228286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 112ms
83ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 214745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:45:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=573970880245811&ev=PageView&dl=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&rl=&if=false&ts=1649413475757&sw=1600&sh=1200&v=2.9.57&r=stable&a=wordpress-5.9.3-3.0.6&ec=0&o=30&fbp=fb.1.1649413475755.1800957598&it=1649413475527&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 08 Apr 2022 10:24:35 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3A79 0
17 B 17ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.allsgpromo.com
Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.allsgpromo.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 607fcfa28b60b00018a3f391.js Show response
buttons-config.sharethis.com/js/ 1017 B
890 B 411ms
392ms Script
text/javascript 2600:9000:2156:7e00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/607fcfa28b60b00018a3f391.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7e00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36dc02496a0b56bba80de68710f1a070f9e1b5e3bfa9884648c4a4ab22f5aa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
etag: W/"8d5851138b28771e9f713152464c9412"
last-modified: Tue, 16 Nov 2021 12:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: LDDshAvFSGY_rAKBjOMGa7Cp2TSIJZNc6DyBh85e0qnUXXSnCc7KEg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
405 B 33ms
8ms XHR
text/plain 3.127.31.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.allsgpromo.com&location=%2Fkfc-promo-menu-delivery%2F&product=unknown&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=KFC%20Promotion%3A%20Zinger%20Box%20for%20only%20%247.95%20(U.P%20%2417.85)%20from%206%20to%2019%20April%20%C2%A0%20-%20AllSGPromo&cms=unknown&publisher=607fcfa28b60b00018a3f391&sop=true&version=st_sop.js&lang=en&description=Check%20out%20the%20latest%20KFC%20Promo%20%26%20deals%20in%20Singapore%20this%20month!

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.31.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-31-227.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://www.allsgpromo.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 150ms
61ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-content/cache/min/1/js/6588/ats.js?ver=1648354358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

8322cb64ca9df809767967bca15f86f0f4dce327cb843608db4fd0d8a2fbfb19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28285
x-xss-protection: 0
server: sffe
etag: "1181 / 367 of 1000 / last-modified: 1649369159"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Apr 2022 10:24:36 GMT

GET
H2 200 atsprebid.js Show response
anymind360.com/js/ 424 KB
133 KB 99ms
7ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/atsprebid.js

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-content/cache/min/1/js/6588/ats.js?ver=1648354358

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5305e5358afc5f5129d897773d195b044ef43f74e72634fef9410ef3c8da1c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
age: 44324
x-guploader-uploadid: ADPycduQ4nnAplie3yBFQzygsYItALc-vcWRCQvoDaMlI03ClOxLplhzmY6WmiT4IOLMvkDL931kM5WfY8hwWZ5R1Z3RGeBdNI6a
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 135429
x-served-by: cache-tyo11976-TYO, cache-hhn4068-HHN
access-control-allow-origin: *
expires: Thu, 07 Apr 2022 22:05:52 GMT
last-modified: Thu, 13 Jan 2022 11:08:34 GMT
server: UploadServer
x-timer: S1649413477.517581,VS0,VE1
etag: "3dfb6bec0a9f873c3f15350204aaea44"
vary: Accept-Encoding
x-goog-hash: crc32c=wRYb1g==, md5=Pftr7Aqfhzw/FTUCBKrqRA==
x-goog-generation: 1642072114188471
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 135429
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.allsgpromo.com%2F&domain=www.allsgpromo.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.allsgpromo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1373
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
943 B 66ms
27ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1472921
x-amz-request-id: tx936e37cd1550438eac0ae-00623993ca
x-amz-id-2: tx936e37cd1550438eac0ae-00623993ca
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLkK%2BvRLn04KJgSAIX8IV1YL4kKKvuKXLVI58j3lUA4sKINoMM7dcw5z1oCfTBN6FTl1zazbfK1N%2F9Sf6P6ueH8uNKdtnJcPD%2FPBDd7IYTKpU1cMA%2BsqvPYu1p01lv%2FgTzYpdwydFEnCzPak"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1647940521027959
cf-ray: 6f8a4b54bcef9c0c-FRA

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.allsgpromo.com%2F&domain=www.allsgpromo.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=BPTUXnw0Nlc4ZUxYRUxzQ3JoankvY0JYTDhVQWdkdzJwWllyQU1WNU9EVGo2QUdKNlFISUZRMTU0S3R0bHVxYTd1bkdXdmVzdUxYNE1ZS2NTTU94eTJyeUtrQS9JYVdsK1BicTE1a3pScVR4RlVZaUlVSjBEemF3QUpNb2...

350 B
621 B

43ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BPTUXnw0Nlc4ZUxYRUxzQ3JoankvY0JYTDhVQWdkdzJwWllyQU1WNU9EVGo2QUdKNlFISUZRMTU0S3R0bHVxYTd1bkdXdmVzdUxYNE1ZS2NTTU94eTJyeUtrQS9JYVdsK1BicTE1a3pScVR4RlVZaUlVSjBEemF3QUpNb2t5Umt6SllqSW5OZWhhQk1ERFFNUXNPbWlnL0VCaWR0eXUxYjk0UUhXdFR1MTc0R3M5L3FrS200ZlF0NE9hZW1MaEo5ZG5JNkZNTDR6Y3VhSEVNTTRXS2orSk1oRlFNYk5Cd1lsTUNIZVU1b0FLMElSQW9rPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cfa1a73d576567d700fe962e1986080ae825a18a3fa0dc7b719f5b2aad1f760e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2710
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:36 GMT
location: https://mug.criteo.com/sid?cpp=BPTUXnw0Nlc4ZUxYRUxzQ3JoankvY0JYTDhVQWdkdzJwWllyQU1WNU9EVGo2QUdKNlFISUZRMTU0S3R0bHVxYTd1bkdXdmVzdUxYNE1ZS2NTTU94eTJyeUtrQS9JYVdsK1BicTE1a3pScVR4RlVZaUlVSjBEemF3QUpNb2t5Umt6SllqSW5OZWhhQk1ERFFNUXNPbWlnL0VCaWR0eXUxYjk0UUhXdFR1MTc0R3M5L3FrS200ZlF0NE9hZW1MaEo5ZG5JNkZNTDR6Y3VhSEVNTTRXS2orSk1oRlFNYk5Cd1lsTUNIZVU1b0FLMElSQW9rPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1948
content-length: 482
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 76ms
21ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 78ms
23ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 77ms
22ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 78ms
23ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 79ms
24ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 77ms
22ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:35 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
461 B 125ms
29ms XHR
text/plain 54.155.81.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.155.81.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-81-83.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Apr 2022 10:24:36 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://www.allsgpromo.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 3e5d1c3b-6dd5-4931-916f-4de92a12a470

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
461 B 127ms
31ms XHR
text/plain 54.155.81.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.155.81.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-81-83.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Apr 2022 10:24:36 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://www.allsgpromo.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 8774a708-31ee-43b7-abfb-0218553ba38d

POST
H/1.1 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
461 B 129ms
31ms XHR
text/plain 54.155.81.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.155.81.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-81-83.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Apr 2022 10:24:36 GMT
Server: SOMA
X-SMT-MESSAGE: GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin: https://www.allsgpromo.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-SMT-SessionId: 853155d9-1dad-4c84-81e9-e7efb6934527

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
335 B 86ms
58ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=760453&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22120bf2faabfc608%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.3%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%226588%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22132314eb7681393%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760453%22%2C%22sid%22%3A%2222660656018%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214f7151dbfe6303%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760453%22%2C%22sid%22%3A%2222660656018%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215bb4206de87345%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760453%22%2C%22sid%22%3A%2222660656279%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22160f95e68785b7c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760453%22%2C%22sid%22%3A%2222660656279%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221707ce0b663362a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760453%22%2C%22sid%22%3A%2222661267012%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218b487b179b8b16%22%2C%22ext%22%3A%7B%22siteID%22%3A%22760453%22%2C%22sid%22%3A%2222661267012%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 98fd5b6db882e56e099d4ca1a9941b348fcb6e6cf7a32b913bb98b447c727918

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:36 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.176], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.allsgpromo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Fri, 08 Apr 2022 10:24:36 GMT

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 73 B
381 B 75ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30310903-10f0-4884-b2b4-2c1934e2940b%2Cb1694b02-4ec6-40b8-8621-34471558d075%2Ca6d54404-fe3d-4fbd-b6d5-cbb9a1be2d11&nocache=1649413476567&schain=1.0%2C1!anymanager.io%2C6588%2C1%2C%2C%2C&aus=336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250&divids=ats-insert_ads-2%2Cats-insert_ads-3%2Cats-insert_ads-4&aucs=ats-insert_ads-2%2Cats-insert_ads-3%2Cats-insert_ads-4&auid=556412992%2C556412993%2C556412994
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 114b59212bd82e0ad5cd21a7c390c4c8a0c96eddbb64e1d98b232319a4580c5d

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.allsgpromo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 128ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.allsgpromo.com
date: Fri, 08 Apr 2022 10:24:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
738 B 49ms
16ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:36 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3f5febe7-51c6-4f36-89db-e775ce37d334
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.allsgpromo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pubads_impl_2022040401.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
125 KB 74ms
34ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

49adad57c43159e3b07daf3f0ae19e1f31d973bc3859ec4dcb647784f0677736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128155
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 08:35:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Apr 2023 10:00:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
117 B 82ms
42ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.allsgpromo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e803674adb4f7b8879ce8460300522bcd93a44aca78d979e416a145d45caf4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Fri, 08 Apr 2022 10:24:36 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 66ms
36ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30673
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txf68aac2c195d4d6c95e65-00624b8c92
x-amz-id-2: txf68aac2c195d4d6c95e65-00624b8c92
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=479U6tXWb%2FOXhKnB3Wag0fbEjCOroMKc%2BXphBVHN7RfgKwUXBFSTsaeItdG8y4iodu4LuqNbaaAgkEnV6ptu2%2BfxB5U2xzYfdpd5vtEdmxTf%2B0QvkMY3RAhYmOHMdUgB%2F7xbLC5BpZbUKiRy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6f8a4b551af75b26-FRA
access-control-allow-headers: Authorization

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 56ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 08 Apr 2022 10:24:35 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1429
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 278 B
640 B 122ms
103ms Script
text/javascript 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-52.fra50.r.cloudfront.net

Software

Resource Hash

7c169a3333ef374ec234430a492559e559a22f88ec7c4f6253d84a57f7055ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:36 GMT
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
age: 816
etag: b357c7874f0e442c5eaf47fb08378c52
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-length: 278
apigw-requestid: QP08EixQoAMEP5g=
x-amz-cf-id: 1HBL0H9ziJS84W0Wr02ZJGBbxhjXySbb2FqvKSzr04VRLy0YXvxIqQ==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 106ms
34ms Image
image/svg+xml 2600:9000:2038:7c00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:7c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 22 Mar 2022 15:09:29 GMT
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1451708
etag: "afe7fc60ed757db39a88d2950fce69c9"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 832
x-amz-cf-id: FpX520MJFE0fg0cOxiQYEQzXGIfslyp96S3XZuSZOwZHpd6bgpJe8Q==

GET
H2 200 telegram.svg
platform-cdn.sharethis.com/img/ 2 KB
1 KB 106ms
34ms Image
image/svg+xml 2600:9000:2038:7c00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/telegram.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:7c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8bdf772d9fc521b1bac964b3e1287466cc5e6497f058ef97112f9a17b2591dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 04:03:34 GMT
content-encoding: gzip
etag: W/"1e5f8bd74d9f0b6fbbae7c0cce36469e"
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2182863
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: HEL50-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: i0NL4AuVlLBI-2UpxhJuOc5EbG9LhukMTdySuuHlCQ4m6aksj5SDdw==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
725 B 107ms
35ms Image
image/svg+xml 2600:9000:2038:7c00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:7c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Mar 2022 05:56:32 GMT
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2435285
etag: "c6e9be45643e197ce1db1d7e24a99adc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 301
x-amz-cf-id: IxKc-sBVfMAV1-IY5615mOXCFSqdJF5Az450XaWOoxPkrj6JcRMtOQ==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
990 B 107ms
35ms Image
image/svg+xml 2600:9000:2038:7c00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:7c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 14 Mar 2022 06:31:44 GMT
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2173973
etag: "b55d8d2b9321e381a3c38a4bddb74037"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 565
x-amz-cf-id: ulFtt3XvwGkvbDd2HA6b_rkUR7E0FB-wPwEkJVbDgBdoMV1tcFrCFw==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
990 B 107ms
36ms Image
image/svg+xml 2600:9000:2038:7c00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2038:7c00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Mar 2022 19:45:13 GMT
via: 1.1 3f6ea9dc2daf7899e40c190c4d465fd0.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2385564
etag: "9928d025bd5792b718ee0a185f62e67c"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: HEL50-C2
accept-ranges: bytes
content-length: 565
x-amz-cf-id: 9OGg6mxQ1irEqkxTTy98GnRUc-0Ju6il3kH3OhNGdeLi4SycSvHHtQ==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 139ms
51ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 361ms
360ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2274504248295943&correlator=2052122440979193&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fifs&iu_parts=21622890900%3A22378184385%2CSG_allsgpromo.com_res_article_top_728x90%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90&ifi=1&adks=1567859958&sfv=1-0-38&ecs=20220408&fsapi=false&eri=1&cust_params=url%3D%252Fkfc-promo-menu-delivery%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1649413476814&lmt=1649388641&dlt=1649413473246&idt=3547&biw=1600&bih=1200&adxs=266&adys=215&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1068x0&msz=728x0&fws=132&ohw=1600&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e1fee231abf6a39eb4a85259dddecdc27fa7b96f5b876757bd3e637c940d9538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11893
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 109ms
60ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

584fb88735c7d0b1c591c56b4e2752aefed84e512a86b5484c2147979825926b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10576
x-xss-protection: 0

GET
H2 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 386C 6 KB
4 KB 174ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
56ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 56F7 13 KB
5 KB 89ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 09:43:33 GMT
expires: Sat, 08 Apr 2023 09:43:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A857 783 B
1 KB 135ms
48ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a333f48c0f960672f275d26f855262b88b8c6ddaa189e2f975616ef525c2600

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fJVbkv8rp1LoGqM+dOI+Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-fJVbkv8rp1LoGqM+dOI+Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:37 GMT
expires: Fri, 08 Apr 2022 10:24:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 105ms
58ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Z5XGZ7663&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167532065-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ee2291678cb55e4094932bb056d6a4f638f5652db173d0aa9f0806ad4b9fb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66231
x-xss-protection: 0
expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7357824870962864

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8728583f0c6e5400cc724ed7932c6f6bfb4a94c5cc9f586d6b2d459c4e569c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54095
x-xss-protection: 0
server: cafe
etag: 1133548629916422156
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 102ms
52ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 95ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
19 KB 375ms
375ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2274504248295943&correlator=2052122440979193&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fifs&iu_parts=21622890900%3A22378184385%2CSG_allsgpromo.com_res_article_mid5_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=2&adks=3437906406&sfv=1-0-38&ecs=20220408&fsapi=false&eri=1&cust_params=url%3D%252Fkfc-promo-menu-delivery%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1649413477204&lmt=1649388641&dlt=1649413473246&idt=3547&biw=1600&bih=1200&adxs=266&adys=9128&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

58b1924ca507c3b572c2f846a2371d56a8afefa27d8822e4e9f99980e3d08286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19506
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 1246ms
1246ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2274504248295943&correlator=2052122440979193&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fifs&iu_parts=21622890900%3A22378184385%2CSG_allsgpromo.com_res_article_mid4_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=3&adks=2468294021&sfv=1-0-38&ecs=20220408&fsapi=false&eri=1&cust_params=url%3D%252Fkfc-promo-menu-delivery%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1649413477210&lmt=1649388641&dlt=1649413473246&idt=3547&biw=1600&bih=1200&adxs=266&adys=7874&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=false&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a498ff47f6c195c0c24239351e085785c76013a34e79e141b0944d60990aa5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 1000ms
999ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2274504248295943&correlator=2052122440979193&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fifs&iu_parts=21622890900%3A22378184385%2CSG_allsgpromo.com_res_article_mid3_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=4&adks=1268251276&sfv=1-0-38&ecs=20220408&fsapi=false&eri=1&cust_params=url%3D%252Fkfc-promo-menu-delivery%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1649413477215&lmt=1649388641&dlt=1649413473246&idt=3547&biw=1600&bih=1200&adxs=266&adys=5089&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=false&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d5331191a8f894ed182765bed6531dc63e26cb0b1a7a0ad3e43e591e1e199c7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13709
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 690ms
689ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2274504248295943&correlator=2052122440979193&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fifs&iu_parts=21622890900%3A22378184385%2CSG_allsgpromo.com_res_article_mid2_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=5&adks=1729623053&sfv=1-0-38&ecs=20220408&fsapi=false&eri=1&cust_params=url%3D%252Fkfc-promo-menu-delivery%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1649413477219&lmt=1649388641&dlt=1649413473246&idt=3547&biw=1600&bih=1200&adxs=266&adys=6036&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=false&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7c2fb2aac4d50aa268a1fc2720d9188d3fdf0086d7581c9da6700598f85fa7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13463
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 1586ms
1586ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2274504248295943&correlator=2052122440979193&output=ldjh&gdfp_req=1&vrg=2022040401&ptt=17&impl=fifs&iu_parts=21622890900%3A22378184385%2CSG_allsgpromo.com_res_article_mid1_300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C336x280&ifi=6&adks=469734219&sfv=1-0-38&ecs=20220408&fsapi=false&eri=1&cust_params=url%3D%252Fkfc-promo-menu-delivery%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1649413477223&lmt=1649388641&dlt=1649413473246&idt=3547&biw=1600&bih=1200&adxs=266&adys=3414&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=696x0&msz=300x0&fws=132&ohw=1600&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=false&btvi=5&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7ccae7849835d007c7669c6f870e6121d80cd03eca435a254a6aa7372cb249d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13326
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B868 6 KB
3 KB 88ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/ 302 KB
108 KB 115ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357824870962864&plah=www.allsgpromo.com&bust=31066989

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7357824870962864

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b493a90c8877e5f44d67865eff827b7d885dc70385a21fbfbf3ff79393ff76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110225
x-xss-protection: 0
server: cafe
etag: 13574729270686630054
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/ Frame 1581 10 KB
5 KB 124ms
38ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7357824870962864

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 17:43:12 GMT
etag: 14837630671339829333
expires: Thu, 21 Apr 2022 17:43:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 172ms
79ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2Z5XGZ7663&gtm=2oe3u0&_p=1569133847&sr=1600x1200&_z=ccd.AAB&ul=en-us&cid=423034769.1649413477&_s=1&dl=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&dt=KFC%20Promotion%3A%20Zinger%20Box%20for%20only%20%247.95%20(U.P%20%2417.85)%20from%206%20to%2019%20April%20%C2%A0%20-%20AllSGPromo&sid=1649413477&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Z5XGZ7663&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167532065-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1191
date: Fri, 08 Apr 2022 10:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Apr 2022 12:04:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A857 0
0 90ms
90ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040401&jk=2274504248295943&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 56F7 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 09:28:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 09:28:15 GMT

POST
H3 200 admin-ajax.php Show response
www.allsgpromo.com/wp-admin/ 14 B
752 B 2142ms
2142ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.allsgpromo.com/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.4.2

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aaf4834790d845b983715189694e17e3adb575974630bfc83e79ef616ac55b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG5GnliqeNFzjuspgOFwCT9E8m%2FHTGcubQD74G5VvQ4FHfZUKA1cBZKwkQBrIPvurMdSkVhYwDrHijSKhZE25hqE%2BAkRkMTd5PJ7H7NJ9MljemS9V9wsQ4dtU7Z47kqR2oC4HdoS3Iv5vR6UoD%2F8T5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.allsgpromo.com
x-httpd: 1
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6f8a4b59897091ff-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 ez-toc-icomoon.woff2
www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ 580 B
1 KB 708ms
708ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.allsgpromo.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-content/cache/min/1/6faad0fd24dcccd73c21fd9d22f8fe5b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7

Request headers

Referer: https://www.allsgpromo.com/wp-content/cache/min/1/6faad0fd24dcccd73c21fd9d22f8fe5b.css
Origin: https://www.allsgpromo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 580
last-modified: Wed, 06 Apr 2022 00:26:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PMLxgCJ4pQzwK2mId1otGsZ5e7FDWL2E9ytq8clhvwr0IkhGosSTL%2FMvKjyHdyk%2BIEQ8e%2BspfH7D23%2FbwUIKZDnxBD94gE2of6g1AtuxO%2FVKyMJAXK0Pp5B5kU%2FGSPVNa0jIPFIvUIBtangSchJu8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-httpd: 1
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6f8a4b5a0a2f91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H3 200 kfcor.jpg
www.allsgpromo.com/wp-content/uploads/ 98 KB
98 KB 1141ms
1140ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/kfcor.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de23a7d9aa6e5616a85b17c9390419d6e5ad1ca9c4ca8eb6bd2b246dc57b8dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99941
last-modified: Mon, 28 Mar 2022 12:20:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFPTXIVv48xhDiyUmJvZxF%2FLUR8j656JShr6pocpx1McNLScePE%2F2CNH2MDoBMPQYvpwRd8%2BdE9TordEp780Jy8tVIUwWKKi59PMayxZjulKQ0%2BCO9E%2Bs4iZfuRNUh7P6LuP0LH93x10%2BM38hnMYkMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5a1a4b91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B868 0
0 71ms
71ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClckBZA1QYsnKNIGs3wP9-46wDO6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBK4CT9C9cWHVkorpTqMGuBUOC66JXjxBrNg0H0pSfr3KtFuyiQvkiwQvHqrhpzCFZSzjaX59igXuvVEkt_3GmY1TDj9Pb9oF6HbbV7ukgKUDzAHoRLSPL_qeK7Y7S8EQE_Cyev5Z7k2aLNUDZXdjChplQ9QSuNUAHkAdCR55GWuYseqQ6RHBg4hqboy--eu_1SrUqBxml2WcQYeJoY5rTIZ6LDNeSQOt3sz9G7ASUY5QKRmEF2EYBmdCd0Aju7HoZ0u2A0nxU7pF7m6V7C7TJn-U2laO8vu2uAesCEQcXQtHlRtXBR4qU2Ww2Luf3hEEtxWDm-SYLB_52V1DFIN9Tm657PrPiEFrDu_XlSl4BO_0p8KDQ_py4F7m3OMCBWyc9EGrICSMmv47zrUWQWFZdyPgBAGABs-Rvv2xlq6j7QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=CFsYIzX60Io&uach_m=[UACH]&cid=CAQSPwCNIrLMBufCYMWLT9EFKPi2peDan5oPCmLu8WdB-r-EUUYcnxgK5AMw66_e0krfWkyOKahM7iFQ5b1C5s2jTRgB
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame B868 4 KB
2 KB 36ms
8ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: /
Resource Hash: 71568078dff6e78c47f7990f34955b5ad9a965daca0adc5416a6864dbf8cf1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:54 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 823
etag: "1508938c839842a753a06a4fb2147a7754cc1405"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
content-length: 2028
x-amz-cf-id: 0t9TOqK1KbEnVcN9BY0yrntk7WxlryA0x-Z_3P6RtU-rMEXAMwmN9g==

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B868 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:20:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B868 119 KB
36 KB 1039ms
946ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame B868 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B868 0
0 95ms
47ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGJWW7biJWKBBanDnbOVFqCWO8MzW9jMxReBt5tFuWjIJximC7RF0AQOOOER7n4yxAWkYADrpmuXUmX0lhB1zzVg0V4Q
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B868 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame B868 37 B
184 B 31ms
7ms Image
image/gif 3.123.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YlANZAANJUkKd9YBAAO9_Uri7P9qv3WWvmfUPw&ts=1649413477&aid=40337981533432411804600&ec=2460_92536_65727303&n=GqcEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzE3NWQwNDY0LWI3MjYtMTFlYy04OWFmLTNmZGMyYWJjNTU4OC8wLjAxNC9DRkJFS0RSTTJNS0FJQlFZUEtTNUhVSzdTWFBSVEVRQ1FPT1pDUVA2WTJZT0JMWDRGWlFZRkxCV1dBMzM3UElNWkFCVjVHTExMTk02UkxPWUdOT01QSUJSVEI2Vk9IWTZRQjZKVklVUERJV0M0RU1RTTM0NDZZTlcyN0tXRUU0S1NPWE9GTlhSNEw2SERHQ1dLT1ZVQ1pWUjU2QjNTVjNMS0xNVTQySUczQ1hYRkpUVEc3WkpPRlUyRzVGRVlPRFAyTzRITTRQNFg1SDZSTkVOWUVINTdJQkJGVlZEQ1Y3TFRBNVBNV1pCV1g3VE02NU1VQUNIUlU3Q0lOUzRXU1RMT0JIQUdCUEdMTk9QQzZTNU5DQlNWVUlDN1FUVlhRTU9SUFdLTVQzRE43N0VKWEtTTExGS0tMVkhBVEtWMkhYS1BTN0hIMkFTVDJJSVpMWk9aRlhLWjVSQjNNM0ZBQ0Q1UFVSRkpETTc1NkFHNTZNQVNCUEdJT1dOWkxBN1RBTjczSkVLREpRSlRSRzI0S0U1SEQ0WlJQT1I3SU1aTjZHQVQ3UEtQVDZYN1hNRUlINzVBQ0dEUERPUllITENJMkhULz%2FyAs4BCAASFzQwMzM3OTgxNTMzNDMyNDExODA0NjAwGAAgASicEzD40gVAAUgAUABgCmgAcM6gIpABAJgBAKgBALABDrgBCcABC8gBDuABC%2FABAPgBDoACC4gCC5ECAAAAAAAA8D%2BZAgrXo3A9Csc%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAPYBYgDWpADAJgDAKADALgDjxHAAwDIAwDSAwg2NTcyNzMwM%2BAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwAw74AgWIAwCSAwRkYmE4mAMAoAPRtgKoAwA%3D
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame B868 37 B
140 B 33ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=40337981533432411804600
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 101ms
48ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1569133847&t=pageview&_s=1&dl=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&ul=en-us&de=UTF-8&dt=KFC%20Promotion%3A%20Zinger%20Box%20for%20only%20%247.95%20(U.P%20%2417.85)%20from%206%20to%2019%20April%20%C2%A0%20-%20AllSGPromo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1615699642&gjid=870961403&cid=423034769.1649413477&tid=UA-167532065-1&_gid=642199782.1649413477&_r=1&gtm=2ou3u0&did=dZTNiMT&gdid=dZTNiMT&z=508300055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
247 B 56ms
42ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.allsgpromo.com&callback=_gfp_s_&client=ca-pub-7357824870962864&cookie=ID%3Dd64cda19ba189039-22e5d77872cd0074%3AT%3D1649413476%3AS%3DALNI_MYmGCoQW8WVXe_ViHbrnwFGa2z84A

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357824870962864&plah=www.allsgpromo.com&bust=31066989

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 67ms
67ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D0D 137 KB
45 KB 573ms
523ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7357824870962864&output=html&adk=1812271804&adf=3025194257&lmt=1649388641&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.allsgpromo.com%2Fkfc-promo-menu-delivery%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649413477283&bpp=3&bdt=4038&idt=224&shv=r20220406&mjsv=m202204040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd64cda19ba189039-22e5d77872cd0074%3AT%3D1649413476%3AS%3DALNI_MYmGCoQW8WVXe_ViHbrnwFGa2z84A&nras=1&correlator=6292785507096&frm=20&pv=2&ga_vid=423034769.1649413477&ga_sid=1649413477&ga_hid=1569133847&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065342%2C31066989%2C31060047&oid=2&pvsid=2274504248295943&pem=68&tmod=1443696229&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=238

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8d788591d0c68b4091d69b90c669bd61443807329363f052dba3b56e4cb996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45986
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:38 GMT
expires: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/ Frame B868 254 KB
81 KB 8ms
8ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 22:31:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 22:31:18 GMT
server: AmazonS3
age: 129184
etag: "14ff31543d853139c5782ead225ac441"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82572
x-amz-cf-id: 3KKggA148U7vV8XwGKcL-ChModPfOdzqluVe63KtdgqinV_xyxw_tA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-167532065-1&cid=423034769.1649413477&jid=1615699642&gjid=870961403&_gid=642199782.1649413477&_u=YCDACUAABAAAAC~&z=1289792318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.allsgpromo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Apr 2022 10:24:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.allsgpromo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B1D 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 moomoo-promotion-free-share-1-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
9 KB 779ms
778ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/moomoo-promotion-free-share-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938f284e01a1deaf4f9840c88c4aa8d9cfa5f6f20018de59cec2f749a7efd3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8657
last-modified: Thu, 31 Mar 2022 17:11:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhbVe5MUByoCxD2u0aHtwwFLVbTL1VRy3O5nj5Sc1e9kE0jna1zCfHMSEvA2EQ1ZSO0RYN%2Bq7qK7yerM8soPTt8RIL1dyH09qiM%2BpwZIkdE4oScLtILk5CjQSC8qNp8x%2BYdOLYQSTehx1BYR63BZx8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5c1d6a91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H3 200 paris7-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
8 KB 719ms
718ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/paris7-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24aad7c9688903f80f6b22c21a1c417f0dcc99de20b7eff833db9af5b43b0476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7826
last-modified: Thu, 07 Apr 2022 03:14:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydEAnpoFfBHPrfr9a58hmw1J7N%2Bwm%2BfqyAlEMq8P48KkvMq8dYyoGTBqAKZndBpwAbwe60CFBruM3yzfMDUWU93yslEM6pCu7zHGQ9XcsmSgGIFHlrSoYvp5QyhptkRjuAxfmmFRW70RqLH%2FoyZghko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5c4dc091ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H2 200 r
eb2.3lift.com/ Frame B868 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=40337981533432411804600&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413477&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=41822
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame EFA1 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame B868 3 KB
3 KB 8ms
7ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 22:10:30 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 476048
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: Wtw0lLo2BgUbMbzuhqEt_dMeaCHv_q1TpfUJP4TBIITMwUJUDDn_7g==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame B868 3 KB
4 KB 8ms
8ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:38:29 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 578769
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: lty-4S9vWxDSqX89vSq4r87vt5lvVySN7K53bUIXmTy_7aRXauUhAg==

GET
H2 200 ctar
eb2.3lift.com/ Frame B868 37 B
139 B 11ms
11ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=40337981533432411804600&rev=11f0e47&cta_render_method=1&cta_render_text=&cb=48610
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-728x90.js Show response
widgets.zemanta.com/1646288090/ Frame E8FE 6 KB
3 KB 35ms
6ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-728x90.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f15f4fd8772df9f8469e085c9dcec9ac2b070009ca290d447898bf5400c4021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 6gjTgAWv8q0YdgBr3LK0Sms13tYGH2W1
content-encoding: gzip
etag: "9d9eccc5fd836c7aede279135dfdc306"
age: 2984
x-cache: HIT
content-length: 2400
x-amz-id-2: dIscgr73+DCUrEOnmQITXJvFcmA4wgo9AZOn26qwDUF/rJkDc3rgSkBy04OukFtKYetfCNXr+kI=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 03 Mar 2022 08:30:50 GMT
server: AmazonS3
x-timer: S1649413478.893750,VS0,VE0
date: Fri, 08 Apr 2022 10:24:37 GMT
vary: Accept-Encoding
x-amz-request-id: W1MRTXC3Z2D94WN2
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 828

GET
H2 200 aop
eb2.3lift.com/ Frame B868 37 B
139 B 11ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=40337981533432411804600&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413477&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=70426
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 5B1D 19 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2021.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e7a5e36892cb2b68c26ff4e8352b1106707bd9e589fb07729ef7107539a287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 09:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7962
x-xss-protection: 0
server: cafe
etag: 5422798097844672075
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 09:32:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5B1D 8 KB
714 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 09:00:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 10:24:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame 5B1D 14 KB
3 KB 153ms
39ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.css

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 15:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 15:35:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/ Frame 5B1D 347 KB
120 KB 154ms
40ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 23:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122269
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 10:38:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 23:55:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 5B1D 15 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:14:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5B1D 0
0 47ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtOJbI0w9Knat4nbC_S23QJDP63DTk_eLuvwTBVAG1aTsvZLGK1_eDVwRaFkoYatlIuEdyZY5fuQxwDZri0lSTe__Bng
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5B1D 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-24-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 14 KB
14 KB 945ms
945ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-24-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa6c46abfebdec844846d8e644e7fe0879476d71b931cc3ce09e489f9f327af7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14094
last-modified: Fri, 08 Apr 2022 01:58:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcjVpr7H3msD9XUna2DKdzBRNlvKQEc%2BcmCN2FBnj9N79cNBoMGiO0lZ2ncq6ofObuM0ZbrzW%2F4uhj1H6LDylDL8gqzK6W43UW1gjK5rqDyYKEV7stHZ2i8k8eyxRWSr4EZCFgUYByIjNWu4Qk1X0us%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5cce7691ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H3 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9430 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 56F7 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WJNQCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Famous-Amos-31-March-2022-promotion-1.png-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 10 KB
11 KB 222ms
221ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Famous-Amos-31-March-2022-promotion-1.png-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd0662413a706f1557f13391648f54cf04c0728bca7054c5bab67daee5796e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10062
last-modified: Wed, 02 Mar 2022 12:40:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9Un8J8qgPgbuH4fcMxFpify5ZBfX%2FG2pSfzaSPxeR1hrnbP6boecMNTd2yJHLqDryhPAAhi1QKkr89NsTgZkA5vlElboaXGoIOCKV80pzHtx5%2Fj2RhI1HXmw98z%2Blq7O6B52O8Gh3aFPvp7OH5wk%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5d3f0191ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/27XRIIVANDICPTU4L6XKHGMXUT57CKV4RWIPGEVQYO43777RHJR5CRU7KAV4WN776UIJ2PDKWBO4OMYYRHAYP77ZYO36LIUP7UX4RYLAYIY3VS66YE4CITXJELOL6S4JJ3BJJKW6FVTFZNARBAD65NEL44PRJG... Frame E8FE 26 B
151 B 63ms
13ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/27XRIIVANDICPTU4L6XKHGMXUT57CKV4RWIPGEVQYO43777RHJR5CRU7KAV4WN776UIJ2PDKWBO4OMYYRHAYP77ZYO36LIUP7UX4RYLAYIY3VS66YE4CITXJELOL6S4JJ3BJJKW6FVTFZNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF6U6CYRT4VEJVSPC4SCPIOBFLOBJWWQJPL2TUAMR3TG6RTTDSAFLND4QGD6VI36QJEU2HGVNEPGFSIAY7MIWX2NG5OEBNMW3XR5OGVWPPW47CYIYJPXWNH7VLDY2HSRPHSU3YNUQKGYNUGFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 17b876dd9316d95dec9bc438e18a65838c.jpg
zem.outbrainimg.com/p/srv/sha/0d/4f/bb/ Frame E8FE 10 KB
11 KB 33ms
6ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/0d/4f/bb/17b876dd9316d95dec9bc438e18a65838c.jpg?w=159&h=88&fit=crop&crop=center&fm=jpg

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5381893b44bf25c349f6a4d6d6f7bd95be16f9d3b01957fc6b1809bc5546a3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1866363
x-cache: HIT, HIT, HIT
x-imgix-id: 62be4b35ac59526ac3642dafca7c7e9926a674ab
content-length: 10502
x-served-by: cache-sjc10071-SJC, cache-hhn4073-HHN, cache-hhn4050-HHN
last-modified: Thu, 17 Mar 2022 19:58:32 GMT
server: imgix
x-timer: S1649413478.033264,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 8

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-20-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 13 KB
14 KB 880ms
880ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-20-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dfc0ff8819b5be0a6d761a97741ef4a6a92046c96e4cde9fa926320ad2d1fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13288
last-modified: Tue, 05 Apr 2022 13:14:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H%2BH3sy8SacElGnKDBMmYOVxC7l22HUgIeQQY2VVYlFxrt8I8RVOH4znQCFbE15lAkIEmoMRej3jiCuzP3v05uhxbPtLnt1snGduEb8TKBrGbOiTedHS5hrlWsTKwm9iQbkvUkJSxp7wQOeKcUsnAqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5dbf9f91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9430 0
0 74ms
72ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Csm7HZQ1QYoW9Itv33wO50LToBe6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBK8CT9B37LAl0yF5e8qOmWBagpmOY7Lxbb6Cpv6Vii3RSASXmZCWx1RYEY4FSBRyBjA6tDAvZNQ-Xwgv3Q0I3aVMNFx67MXnh3FjGcDfm802qzwO8mg3WW0UqA5vDcUgWfiwdkBhEbkDtbnhePENT7VhlqFezdQJEKcsN6jTkUii4k_g0cwXXAD0ICWmrLXoTmPXR5kfbS7Tn4useIKhHVlzn9JgWJegsngZ6AcIg6aUDhM808uVtoDcen894XGqr_MXI7WvbB6JlyCQUCQzhx64keMd36G74odl8Ld2z7_7WgDPtUxcpMJlIuINJdvHxsyAcXHd5PUUECjF-LMwNSDUn6n631V9jB5IW3jNXhR_s9AeTY7k8ZyqjXdj_7gmSR58cFHtdJ460urbjETmux4r4AQBgAbPkb79sZauo-0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=ZFI2mRICHCA&uach_m=[UACH]&cid=CAQSOwCNIrLMo9Vd24WsppkNYqZAnWV6zih6Rrl9_eSHRrxnft4PGhsfq7pMoj2JTlzXS7ypVm4LlnklOiM7GAE
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 9430 4 KB
2 KB 9ms
7ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: /
Resource Hash: 71568078dff6e78c47f7990f34955b5ad9a965daca0adc5416a6864dbf8cf1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:54 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 824
etag: "1508938c839842a753a06a4fb2147a7754cc1405"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
content-length: 2028
x-amz-cf-id: bOcHk78m5_ytkE6Ql0aW-H7OtaCZd2lHw4jE-KDs9JZda55Avoh6oQ==

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 9430 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:20:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 9430 15 KB
6 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9430 0
0 47ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5bbX_oUevLuoXwOAp2jw_iDGz4WQhIB3AlUzrqszLXkoXPPscwo5oH_JnI8pNHKMVI5gYlgz64KS5uNEujK2rqKav-A
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9430 22 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9430 119 KB
37 KB 379ms
377ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 9430 37 B
183 B 9ms
8ms Image
image/gif 3.123.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YlANZQAInoUKd_vbAA0oOXoglhrClj7O0w01rQ&ts=1649413477&aid=8310197466337671307400&ec=2460_92536_65727303&n=GqcEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzE3YmRjZmQwLWI3MjYtMTFlYy1iYWIzLWVmODBiNTJlMGFkYy8wLjAxNC9DRkJFS0RSTTJNS0FKQUQyS01WV1IyQlYzVFBSVEVRQ1FPT1pDUUxFT09LUDVFWFlCUFJJSDQ1VldURkhMUFdDSkFFSUFOWjU3UlRPVzNER1hQWVA0WVFOTzM0QVc3TlhWRk1GNUlJTlU1QklXWklEREpFTkc2NEFDM0xVRkM2VUVCN0lSTVY1QjRYMkpHQ1dLT1ZVQ1pWUjU2QjNTVjNMS0xNVTQySUczQ1hYRkpUVEc3WkpPRlUyRzVGRVlPRFAyTzRITTRQNFg1SDZSTkVOWUVINTdJQkJGVlZEQ1Y3TFRBNVBNV1pCV1g3VE02NU1VQUNIUlU3Q0lOUzRXU1RMT0JIQUdCUEdMTk9QQzZTNU5DQlNWVUlDN1FUVlhRTU9SUFdLTVQzRE43N0VKWEtTTExGS0tMVkhBVEtWMkhYS1BTN0hIMkFTVDJJSVpMWk9aRlhLWjVSQjNNM0ZBQ0Q1UFVSRkpETTc1NkFHNTZNQVNCUEdJT1dOWkxBN1RBTjczSkVLREpRSlRSRzI0S0U1SEQ0WlJQT1I3SU1aTjZHQVQ3UEtQVDZYN1hNRUlINzVBQ0dEUERPUllITENJMkhULz%2FyAs4BCAASFjgzMTAxOTc0NjYzMzc2NzEzMDc0MDAYACABKJwTMPjSBUABSABQAGAKaABwzqAikAEAmAEAqAEAsAEOuAEJwAELyAEO4AEL8AEA%2BAEOgAILiAILkQIAAAAAAADwP5kCCtejcD0Kxz%2BhAgAAAAAAAPA%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgCvzGAA9ACiAOYApADAJgDAKADALgDjxHAAwDIAwDSAwg2NTcyNzMwM%2BAD%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FAekDAAAAAAAAAADwAw74AgWIAwCSAwRkYmE4mAMAoAPRtgKoAwA%3D
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 9430 37 B
139 B 10ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=8310197466337671307400
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/ Frame 9430 254 KB
81 KB 10ms
7ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 22:31:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 22:31:18 GMT
server: AmazonS3
age: 129185
etag: "14ff31543d853139c5782ead225ac441"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82572
x-amz-cf-id: noHhnLyKSZGGvS45hmAXl-yUjZQ9QNmOrMx06DWpFJUpWyAzNHLAaA==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F692 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cdc-merchant-list-singapore-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 13 KB
14 KB 869ms
868ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/cdc-merchant-list-singapore-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5dd8d235814a55fe2ac924486fd0e6f21fe48d6c9625dd0ce3ea2e4d2a31ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13261
last-modified: Fri, 24 Dec 2021 08:18:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BfRXYtSqD%2B12sJi2YxsWEOKDrLJikyp9MSZsZ%2Fopt6K0dIlP7iB3m3H8fMeh%2BTdNc5ob6JhjEadGIcT79niYW9J1Mj%2BHTEkXCOshbxze7WFRtcnDgX3%2FBUwC8RnFit2Xu1Y1CNkNf%2FN1HBXXQzqvwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5dffe891ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 9430 37 B
139 B 9ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=8310197466337671307400&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413477&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=90493
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 9430 3 KB
3 KB 7ms
7ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 22:10:30 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 476049
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: ASyLmQ64QNb2sZlJZI8Vr3X8R0DZOt6kVPKN2p3EeB3OqBaXGMMPlw==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 9430 3 KB
4 KB 8ms
8ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:38:29 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 578770
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: S9a1nhweyO75zg9u7arzn6U34BWC1Fgh1cgUNZ0KtxxIylhTJZ2IKw==

GET
DATA 200
OK truncated Show response
/ Frame 7D2D 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame 9430 37 B
139 B 9ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=8310197466337671307400&rev=11f0e47&cta_render_method=1&cta_render_text=&cb=62781
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-336x280.js Show response
widgets.zemanta.com/1646288090/ Frame DA15 6 KB
3 KB 7ms
6ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-336x280.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c73a78933604fd0b0166bd30d9ddd5df2eb4ea29ad66b6fe959e6a2efd18c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: NkfuTGezFwnvsp0_JQU5vMDr9uX6saeK
content-encoding: gzip
etag: "008a81d2770360fc8af601fb99ea9b96"
age: 1044
x-cache: HIT
content-length: 2492
x-amz-id-2: Xm/g93TxJudxfydy3HAl72nUEmUpN3LwB5uaeg97YBESukcF/dG5NNsGH7QEpeK8qs8rQOzvi/k=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 03 Mar 2022 08:30:49 GMT
server: AmazonS3
x-timer: S1649413478.111056,VS0,VE0
date: Fri, 08 Apr 2022 10:24:38 GMT
vary: Accept-Encoding
x-amz-request-id: 7KSXTR0EQQ3AAJDG
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 256

GET
H2 200 aop
eb2.3lift.com/ Frame 9430 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=8310197466337671307400&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413477&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=92404
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 CPS-4.4300-x-250-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 7 KB
8 KB 749ms
749ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/CPS-4.4300-x-250-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d6ab7a74c1a31174748a0d2bf5cee7b4c29fd2b4568a2fee228a54f572ea1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7414
last-modified: Sat, 02 Apr 2022 03:38:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOLFsvk7RmMxuPYNcQS4ccwlffifdzuC32ZBJrTrkJFeV1vPQHtQY5hJL%2Bz76Nl3uWR2rNIT1uOqyO1H7PTUM0aaeA4nzN1VklhK0aBG32J109fO3q%2FArIFhTPkWbLw9e2bKxAtypq%2Bxnk6BypzOicI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5e586e91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/27XRIIVANDICPH2DO4GJQSWDSD57CKV4RWIPGEVA2IFFAYPENJ3CDAYV5XX6JCIHYFLZWJMN2N234MKOMHMSU7LPZDG26TNU6ZIDKKFFMY36R3NTBSZCNZ3EEPXEH7MOZC2XREJFGIFTPNARBAD65NEL44PRJG... Frame DA15 26 B
151 B 14ms
14ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/27XRIIVANDICPH2DO4GJQSWDSD57CKV4RWIPGEVA2IFFAYPENJ3CDAYV5XX6JCIHYFLZWJMN2N234MKOMHMSU7LPZDG26TNU6ZIDKKFFMY36R3NTBSZCNZ3EEPXEH7MOZC2XREJFGIFTPNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF6U6CYRT4VEJVSPC4SCPIOBFLOBJWWQJPL2TUAMR3TG6RTTDSAFLND4QGD6VI36QJEU2HGVNEPGFSIAY7MIWX2NG5OEBNMW3XR5OGVWPPW47CYIYJPXWNH7VLDY2HSRPHSU3YNUQKGYNUGFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 17b876dd9316d95dec9bc438e18a65838c.jpg
zem.outbrainimg.com/p/srv/sha/0d/4f/bb/ Frame DA15 20 KB
20 KB 8ms
8ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/0d/4f/bb/17b876dd9316d95dec9bc438e18a65838c.jpg?w=334&h=146&fit=crop&crop=center&fm=jpg

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

57e54599510ae1c24c8a478da234ca0f0b8808228413314bfff6e41496554339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 563366
x-cache: MISS, HIT, HIT
x-imgix-id: 049b090b6dcc5c2b664b7bfa4229dab1459401b2
content-length: 20608
x-served-by: cache-sjc10030-SJC, cache-hhn4027-HHN, cache-hhn4050-HHN
last-modified: Fri, 01 Apr 2022 21:55:11 GMT
server: imgix
x-timer: S1649413478.210237,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

POST
H2 204 csi
csi.gstatic.com/ Frame 5B1D 0
327 B 269ms
104ms Ping
image/gif 2a00:1450:4017:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l1qa7506&c=2724209673102&slotId=1362104836551&qqid=CJGemoOghPcCFQ6qdwodSqwFYA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5B1D 15 KB
15 KB 89ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 224203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5B1D 15 KB
15 KB 86ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 228289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B1D 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CujqVZQ1QYtHXEI7U3gPK2JaABp6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQXgAgCoAwHIAwKqBLICT9CRYscyzIexxhUjCXTJ_TmnG6GavJRWXLFp19RzMqee5I-m807Tczyj9ZjD3PsKcd9UK-REK34frl0xaHdkl5gYu6L_fEeHWpp3cuvFdaAq0FObKV6ESyDJ6vNIye03Ah65SR-5n6k-QrrgsMIrWAWZuiFfJTPnPQqeWaXz4cbx49yGzBD3IWXQynkiLSp8GyTuz7940wJWYRsu6xGNZaObdtY7r7qzFgVGPJKwRufVth1fgZ5b9QcQ8N8aeigDJIqmZuxAYjvP6_EAB_t0K3YlggH3WB_TtW5uZPKfHtRkad8VSi8ULRS35m-9tzWKHUWflHumnIJ7b7UoyC3v0_tcP5xduxohzzsZ8xDleViSUGBVb71LjvBf4yZ7BqN9TD0oLp0tc13XYuT-rMl2TIeq4AQBgAby-4PC0-qSug2gBiqoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&eventType=clickstring&clientTime=1649413478232&ai=CujqVZQ1QYtHXEI7U3gPK2JaABp6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQXgAgCoAwHIAwKqBLICT9CRYscyzIexxhUjCXTJ_TmnG6GavJRWXLFp19RzMqee5I-m807Tczyj9ZjD3PsKcd9UK-REK34frl0xaHdkl5gYu6L_fEeHWpp3cuvFdaAq0FObKV6ESyDJ6vNIye03Ah65SR-5n6k-QrrgsMIrWAWZuiFfJTPnPQqeWaXz4cbx49yGzBD3IWXQynkiLSp8GyTuz7940wJWYRsu6xGNZaObdtY7r7qzFgVGPJKwRufVth1fgZ5b9QcQ8N8aeigDJIqmZuxAYjvP6_EAB_t0K3YlggH3WB_TtW5uZPKfHtRkad8VSi8ULRS35m-9tzWKHUWflHumnIJ7b7UoyC3v0_tcP5xduxohzzsZ8xDleViSUGBVb71LjvBf4yZ7BqN9TD0oLp0tc13XYuT-rMl2TIeq4AQBgAby-4PC0-qSug2gBiqoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5B1D 30 KB
16 KB 108ms
55ms XHR
text/xml 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BWctwWCEtYsWb3rkh-uaMHCx3dFlIIMsnzAvvcXkN-q5_Imau6G6mGVJ6ll6fptxb72VholGktdI86etKbakmTE7mUgA&dbm_d=AKAmf-AKPWmtGv-9xX0dTpcW_ei2xncJ8lWEN42ZJ0wa_Wpb_IJm0w_7BtUg4zX-DVD1C6JHBUVF5myKPs0BihcKOG16Axi-D9cFoogurQZj_fIXRlaIJUsgUtycYQVoZvhkn4_qlmIoRNb6tSp0GdBL6cdIwDVmg6qpCVC1xAMeoPGjPAbXQOjfiszxfLjgGAnqAMGgmnneVHUloaC3JeroJtBG4Op10FMDXwQTkCpUa81csBhGoZUfnp5JqBiDNJVlgSAJOzjcC1BAl79mNhJpeeA1HtgCWF7uUwk8CiG5cR7oLjsDlnUN30BbF5ppqSafAQ1YdIpzlgZ9aTOgmkSYqnkmE_5nMGFEdrMaytm_cp0mVkh01s1ZnkrHQ9zG5fp4qPkojM4ReV98f8TbMkWv6sALmw4Kw_W7TV7fiUk9zf4MdU6-iMEMPM66J-vMcsONaUO1YgjIVQVxqvbd027_mv0GtP54XEFmbJrdDkCMrwL9OxBoHh44VvxpwGvaUK_RDdv0b13Xr0HxvTF13jdR0fU0lgMdcJtKgEOx6usGdd_pa0aspV2tjS53cQI2FBBWONG4ZvDonww638yRITTLFfOdt8E-h3Br7k_48tkKyjUO4lj9FuD60wZmoMinY8bag5Ml5fKkCyy7fRgSP3xhHGyITXmiYgv-hqfdGpa8gh_uddtcWWRXa3z19065RkU8lj4JYPCOCvlHmju9NqdAnhDg9Q1_-cKj5mMaGQzislIZ68_dzaVH2cikee7-dyXAMoCz8vYbINzWEHL2vbSQzmPRy6MohmSWi5EphCSYVwR8ZXEiSTwBp4k_QTBIHBa7GBrwH3P80DlqstgDlz3U__JJSaMka-qlLJt5h_aMBndX0WtAWBa1okp2DCyMZoOyxQKot9DXFrCJfbKVdMoYeCdogLuN4k_tfj-Wjc0APk6To4ewp99WZUQ6mDEKHM98Myk16gKW8WeBfKyBkS3SLyzknFHxQC8aFOI-mc8gk1VErvxIhbgJ2d2zcBESJhrjwXU1zghV097q0KxIKifnxEwqJiXo4QcRktHlwuw34jABmIftv2KXRZWa30ErFBsct5Ixhe9khImQ181bfB5MvWE6yEq_S7o2XImUXObqfi2XcYo7enw_hVCPBlai1kbGrif2gBBJenGFxtMno9-2dz0TnVa14hcyBZrLu204XzndkfGB_HWKYJUkuw0MzGwPVPqHdPMvE3RVfhUZfi8NbB59US1BUOxpkxtBkxCVn-OhxTW09yeX1AMM4esg_Q7G8BMWguhLPrw-ECIm332DTRddLa__75vQEZnODirlj4DK7LfSMtIFifEVFooO-Iz8oE0_rZlbPI7IQctgXwEhiMO14nVpbGv3poguY2iAFRYmsL83HE3jSEexaB3emUrateVCvArRM6taFlKzL51txXMkTIZ-lcNF57f5A19EyCQMs4lCT3CytFxd7h1ovjCU3AAwdMmtoiyuVgA29DEQK4_0lBOpuKh2JVI38O0at0yJG3VC_5HtAxv6w2rurejuEZdhhqzQAHMuk4cJIFfbllGGGEzket1CeBIiGoN29ADHcoEc2d1-DxocNqUWR5XyB0kJX5s3kOQSbvOjc1UR0DuQupI9DMMkRUSu_FHUbHi7OGgZRaJYXSEh5zQuxFpL_hurJ9s7_2gfbya8Tz0G8q8JjUaakVEGvsim_ldDy_XtptBdbO4e1kqmlcJmj3qluebx0QUBFfwi8fflvSwzMw7Psg__0d9IeKae1ado331qA5YpbZu6jsYIzjjsTeQM4Yh9PL63Q7skzq5Bj2JdqWdu1SHaRuwy6aPpNoQ1kznxBL-L5QSeREXrHinshAXVvAWL8omiHajOrhociyqwRlkrZ6M30FInQzIG2j1sKhv1ulE6GOs1thLbPqHwcNbw-KIybJL9MFzqVh5P-ZGICZPXdw2bQb_5TKq21_nh5Gj67tnXXSIr6SEl2yFldIefkRsdbAA5_FNtEYnqEUGvHkdVfH9cdICozwW3HSDrzLurTQnsV9Xeya2yB7Kw_yRq0ykEEZIID-orKzk9n5gGB4HKam2pgOcWhRHQQ0VEekz-eWae7rL8Me6zXa98ic7Kj_Slsn26OZexBKE53yG-YjsjXEx1E9Tn3DBCzzuPCi6ygtHnZ7Hi1osCieYiqilUe6voqtHenvMiQK0R28eyBK9VVL2xqyvXjhjJRjdJCh1xuQer5FqXhHwgqvOZfDA0oW4lc9u348_O7ADqMEpTlppEXIHBzKbK2PAjT0rpZgR0t5KJl9qMCr2UbA5adZx5nIl9JtI37vSCwuBX0X0r2fZwIzm9zwd4pGg5il6Sz855R4ci9nTZJyUJzxBsD-XdCwbtr5-quoYWnXILYPQkgHoR4robqdIddyH2ooa1fH3KHFGvvgVfbfzF_M3FTVf0lrLaXyGSFSZKhVGaFIYXbgNhNLDR6GOSRSyEByUisuT-h2D1dD0jRMaOIgnY1-tUw68kjJrQu14f9Es2-AulkyqOepT_VAmMe8Bv8x2X9scQSl8VyVfVZl7F68uv9namtzBKy9zVqoml4tYnMIzU_Wgk6farMepdfNwcEIYYtRl0j8GFwN3Eq45sX2t_SZ30V8izILroiuPi5-3n1-1iyj-JNT8XnMbP2NCQc5hRqjFWcd6Mk91TQFqAASgldGSI-gi8qHQTQpiOJdrArQK2lvkd6JgdlsdqMkZPe9GBrgpU4jawMyLxngwEHQqa06qgrZM7RNMXNZrCq6k29WsVz8vgQiPUCCieesoswr7AdagqXbgmn_iN_bp7zxDm5syR3L3oXi7fRYYFOMnq6zhDJiICvfmM58MUUaLPzt5N_SlLOOHzT2pN3CmkQe3wdbBpY6f2pI1dv6BmPLnwQbnRxkm-QsECZbDIyLMDfA3Rv43u1HlwRkzNR1ccZXio4JnLW4piYDvaTuuVT7gJdhuzgvIIJshLm509ze-HDIHEU1K4uPnQsY_W5E7HUwCV9gHBSVwo2FdiyyjMT2Xq2Kym63b1JMhkzzLuxGIPXIRzCus2yLRRuVUsi2RtaQLPgR8trspR8n5Ax-GzLMom_5_ksHoGThIslSn8zHlGM480xu0LgP8WAYhRQQ_LrTBDUjtySRxA6ERW&cid=CAASBORoV9A&pr=13%3AYlANZQAAAABleeQ6JWZYvOzkpIUEosjC41ndYw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

cafe /

Resource Hash

62d4c22f7fcdc4e758f13a853ea37a188eb3c4829989e592dba94e62fd10d8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5B1D 0
0 69ms
69ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl25-ZQ1QYtHXEI7U3gPK2JaABp6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQXgAgCoAwGqBK8CT9CRYscyzIexxhUjCXTJ_TmnG6GavJRWXLFp19RzMqee5I-m807Tczyj9ZjD3PsKcd9UK-REK34frl0xaHdkl5gYu6L_fEeHWpp3cuvFdaAq0FObKV6ESyDJ6vNIye03Ah65SR-5n6k-QrrgsMIrWAWZuiFfJTPnPQqeWaXz4cbx49yGzBD3IWXQynkiLSp8GyTuz7940wJWYRsu6xGNZaObdtY7r7qzFgVGPJKwRufVth1fgZ5b9QcQ8N8aeigDJIqmZuxAYjvP6_EAB_t0K3YlggH3WB_TtW5uZPKfHtRkad8VSi8ULRS35m-9tzWKHUWflHumnIJ7b7UoyC3v0_tcP5xduxohz3kb0oI18Mr46PIotl8yUzpn9Cz_D41lifLSV0Dtz0P7ejZSJqPO4AQBgAby-4PC0-qSug2gBiqoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=Asnx2xx2Ztk&uach_m=[UACH]&cid=CAQSPACNIrLM_mPlhjCw4Mljetduz4D0tXnwDvpXavbw4-4Jk4gefaYH0dYEYROT_8NsGLguG046ci-f-OQZjBgB&vt=10
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64B8 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B1D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d300e2428989ba1e2f9efdba0f735895105c2865ab2391d925821a41851c61cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9430 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 420a4aae942bf5f8f03c42cec8b89719e652649a61d84050223a2f03aaaef12f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/ 145 KB
51 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204040101/reactive_library_fy2019.js?bust=31066989

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6830af53332b9acfc76d6ebbfffd778f4f2475091c283d343219152c2dbf79a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52676
x-xss-protection: 0
server: cafe
etag: 11480144285441449500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F692 35 B
463 B 43ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEANklK2aUMORPRt119pMlyo&google_cver=1&google_push=AYg5qPLW95XI_yXW6kCht4hNSxS7kJJtH6e7Mqony9VbozZzEQPfePGLweBRRsIb3VTCo6OadpeDiienWM_PcrcGxAg-b6aXLCI

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F692 0
173 B 51ms
19ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECB5_Tuxe589Yk7Lp-CAfjk&google_cver=1&google_push=AYg5qPL96-pntnufLEXsYn2jJF6_KFncOwwg_bzi2WEzhjITlMkueuiext8aMe1tIqNYHR2CW5dM3r1E7b4OmFyw_mb_yhhMY6w
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F692
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEC_nIirBDpBLvQFLTZb0_5I&google_cver=1&google_push=AYg5qPLVwyhfL4SDB9sPSniUmSn1xAVevnxQcup-rdzF2JhPYJwAQBzx_U9tKv9gSSgYjouE5h_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1M1gtQi1FTDhD&google_push=AYg5qPLVwyhfL4SDB9sPSniUmSn1xAVevnxQcup-rdzF2JhPYJwAQBzx_U9tKv9gSSgYjouE5h_iI8nXfVKr2rMBMl1jniq7TZo

170 B
232 B

75ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1M1gtQi1FTDhD&google_push=AYg5qPLVwyhfL4SDB9sPSniUmSn1xAVevnxQcup-rdzF2JhPYJwAQBzx_U9tKv9gSSgYjouE5h_iI8nXfVKr2rMBMl1jniq7TZo

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1M1gtQi1FTDhD&google_push=AYg5qPLVwyhfL4SDB9sPSniUmSn1xAVevnxQcup-rdzF2JhPYJwAQBzx_U9tKv9gSSgYjouE5h_iI8nXfVKr2rMBMl1jniq7TZo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame F692
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F692
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO_iHlKtGp0Dy-wehAU4liI&google_cver=1&google_push=AYg5qPI4P-4CqRwR8SfJZa0BIN-ptKsgq4PIdxt0KdRCWpeehlvy1gdRJ9wSOJxv17ftruDuwrDdY3CftoIHFUKD...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI4P-4CqRwR8SfJZa0BIN-ptKsgq4PIdxt0KdRCWpeehlvy1gdRJ9wSOJxv17ftruDuwrDdY3CftoIHFUKDM2JuX0T85Oc

170 B
243 B

78ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI4P-4CqRwR8SfJZa0BIN-ptKsgq4PIdxt0KdRCWpeehlvy1gdRJ9wSOJxv17ftruDuwrDdY3CftoIHFUKDM2JuX0T85Oc

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI4P-4CqRwR8SfJZa0BIN-ptKsgq4PIdxt0KdRCWpeehlvy1gdRJ9wSOJxv17ftruDuwrDdY3CftoIHFUKDM2JuX0T85Oc
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: kITnBsUvw2dO1UNNmIp6jWMQ_HHaD95VqCQ-K1Z-ys662qQKP6E48Q==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F692
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELMEx82ExejMlWtFpexdNeA&google_cver=1&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1Oaxbd...

170 B
232 B

92ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D&google_push=AYg5qPLwXF5KW90YKAtaggU_2d672AVZk8Cdoi_qqMAkOqIEVJ1OaxbdVWBV9mEJMA8kGjDAR_jJUFGMuG_9p9Ye62zJ8HzNBMY
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 dot.gif
s0.2mdn.net/ Frame F692 43 B
577 B 162ms
47ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEK3zOww6rgxJtEb3qj-6OJY&google_cver=1&google_push=AYg5qPLqhisM-E46uyPkLQzRwBvUm_-lsl0MpH9BFx42Mci5iYk6al735QqHFAil8f4RFwT_StmDV2Q5hGhLTLG0r_WaZYmVui8

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Apr 2022 10:24:38 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F692 0
223 B 116ms
40ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiV4XLhwwlB6uFpPE2nREZ6OUT55XHJcFyM8YJYyUkWh529JDjKgzEKZaKCPEAyc1ZP2s8dg

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CFB5 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Famous-Amos-31-March-2022-promotion-1.png-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 10 KB
11 KB 210ms
209ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Famous-Amos-31-March-2022-promotion-1.png-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd0662413a706f1557f13391648f54cf04c0728bca7054c5bab67daee5796e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10062
last-modified: Wed, 02 Mar 2022 12:40:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GocnvuP0B2YkuJJ3hvZf5L6uiILRuPSS%2BflUjZDSpMkSUUHp3TSGnUlHELTnuB6MjUeCC5zxWPByhKI5TfbECVRNwNDA3g34zCXXaM574X45u11V4S9HURkn7MSQHBbiaCZ96weT9N8kc%2FEH7uYcNwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b5f69d591ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:38 GMT

GET /
google2waycm.netmng.com/cm/ Frame 64B8 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 64B8 0
104 B 108ms
25ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEB-44aUb5bUozHv3lxwJLL8&google_cver=1&google_push=AYg5qPLLn_aLA5v1gWLtBHT141eLB_rETVlo4Lg1_A5PFrm7uLIg7rI3Imc7cl9nAc_TYPLMtkoKbpIwiJVYRxOQv2BJ7vO3GQ
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64B8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMNhNGqrRjstXWbEeQeD_WA&google_cver=1&google_push=AYg5qPJ2tGYcFSQKsVpUZEMLGt0kOkYLzQYrakEHvwtLyevz0E_sHxvLNjR_8E4hPV-A5QKHXYLfAvGG-RO_9vLMnhPi96p3_SI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3BBD50E7BAA4CC084B3C22342CD6624&google_push=AYg5qPJ2tGYcFSQKsVpUZEMLGt0kOkYLzQYrakEHvwtLyevz0E_sHxvLNjR_8E4hPV-A5QKHXYLfAvGG-RO_9vL...

170 B
188 B

84ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3BBD50E7BAA4CC084B3C22342CD6624&google_push=AYg5qPJ2tGYcFSQKsVpUZEMLGt0kOkYLzQYrakEHvwtLyevz0E_sHxvLNjR_8E4hPV-A5QKHXYLfAvGG-RO_9vLMnhPi96p3_SI

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3BBD50E7BAA4CC084B3C22342CD6624&google_push=AYg5qPJ2tGYcFSQKsVpUZEMLGt0kOkYLzQYrakEHvwtLyevz0E_sHxvLNjR_8E4hPV-A5QKHXYLfAvGG-RO_9vLMnhPi96p3_SI
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 07 Apr 2022 10:24:38 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64B8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBXAjOowozRcontBwMz0I28&google_cver=1&google_push=AYg5qPLKaRyYdPJhmMjUzp0FFz3Bcj2V1fGdN2Au4OkumWZucaLKvsP-4MXLCbrpz-cGbxwdovF0eY1d3OqVZp...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPLKaRyYdPJhmMjUzp0FFz3Bcj2V1fGdN2Au4OkumWZucaLKvsP-4MXLCbrpz-cGbxwdovF0eY1d3OqVZph-KQ...

170 B
188 B

84ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPLKaRyYdPJhmMjUzp0FFz3Bcj2V1fGdN2Au4OkumWZucaLKvsP-4MXLCbrpz-cGbxwdovF0eY1d3OqVZph-KQ5Igqm3hT8

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPLKaRyYdPJhmMjUzp0FFz3Bcj2V1fGdN2Au4OkumWZucaLKvsP-4MXLCbrpz-cGbxwdovF0eY1d3OqVZph-KQ5Igqm3hT8
Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64B8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENVs0I7vPIiqNEnKi0qFQRI&google_cver=1&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uuBZ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENVs0I7vPIiqNEnKi0qFQRI&google_cver=1&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA5OTQzOTEwMTIwMjM5OQ&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uu...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA5OTQzOTEwMTIwMjM5OQ&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uuBZUFrI2nTN2hC0u9M5TWI

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU2NjA5OTQzOTEwMTIwMjM5OQ&google_push=AYg5qPI5zPVCZDzob29HOTJBc1ffGg1Q8MjBlvWFv_S6GZQQX_vHWr-uTav-qoimg54VmyO2jEm4uuBZUFrI2nTN2hC0u9M5TWI
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 64B8 43 B
351 B 57ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELkWLmXBou1rOEa4dJJNxu0&google_cver=1&google_push=AYg5qPKkq_lIcCwQ6yV-q_mJ26TNUEkm8N-CTr2zCAJJh7GJcskqX7BJeniNu3Xxe5mgpRn3Nw6wTzk5pLTc5eXlLo5e7UVeLSE
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kfmtj0v5ovu45c38dug413qs7snjohle

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 64B8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFJVab4a3qchvV4AWzz44fc&google_cver=1&google_push=AYg5qPIPM28LdNpB-Ax2baAjOX0IAiQiADGOarTSt2j8-PtPuwbJ1shccSsr--2WHMRaNvEgxxPEpT985-e8Fd0a...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIPM28LdNpB-Ax2baAjOX0IAiQiADGOarTSt2j8-PtPuwbJ1shccSsr--2WHMRaNvEgxxPEpT985-e8Fd0axtVRznv5j4I

170 B
232 B

68ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIPM28LdNpB-Ax2baAjOX0IAiQiADGOarTSt2j8-PtPuwbJ1shccSsr--2WHMRaNvEgxxPEpT985-e8Fd0axtVRznv5j4I

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIPM28LdNpB-Ax2baAjOX0IAiQiADGOarTSt2j8-PtPuwbJ1shccSsr--2WHMRaNvEgxxPEpT985-e8Fd0axtVRznv5j4I
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: h8Uh1RNZ9EXXUl3onJtPs217O7HftDnbFPlN1OSHBuGz3-pcXpC0yQ==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 64B8 0
49 B 72ms
41ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlffRq879uBei6zVjYjUgUh8zLuXMy4O_LwR9l7rI6ysx2KfpoINO37arwApDft2QgG88e

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CFB5 0
0 75ms
75ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLv6oZQ1QYq3vNZfL3gOZ7ITYCu6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBK8CT9CU4RQyTglb2shk9RH4vnCEdaD_RI3b1mDmm-0duBg9V4-bOViMqfO1-q_gNJWCmGBa8j-a7ew_5kEHY9q2d4sQfzrExlwXiEAlCGAx0w1f1Fc8D_q29_HlumzLW8KrReaHtyPcOm09OyneX1mZw0890HfFo2hzyQbH9nujjAT26tqQZ53lcD60v_4zZ_2NGPZxZ_Xwx1GDEzY3d2p8hLdm7WNAGX13LvxIpGHhDOo5cuOicmGrklevznfAbXYPblJKMYZYxnB9N6CduiuWNvTKOLdc7yV3PEDcwAtD2b7O7r2mK_D9nrd-WH8mUizMw7utgMSiUHYGcSKXztZYlDPbXclQiSbcP_02pL5N3awgi-Kvt5kfiiGCC8kH0Vp9EOP1pi3k6ujKX3uuN2WM4AQBgAbPkb79sZauo-0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=rcjOOqIPqBE&uach_m=[UACH]&cid=CAQSPACNIrLMVTx_HnfZL86rP_aLJZj18lLB06jkMrfc_eWmNakUXb2Br6ORYSgkukyOSbcRcY8e77z2YamBXRgB
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame CFB5 4 KB
2 KB 9ms
6ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: /
Resource Hash: 71568078dff6e78c47f7990f34955b5ad9a965daca0adc5416a6864dbf8cf1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:54 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 824
etag: "1508938c839842a753a06a4fb2147a7754cc1405"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
content-length: 2028
x-amz-cf-id: oteN1usEI9LgUBcOcuKSIv-G1zODA84hOt2rbkXwwAAM8w47COA95g==

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame CFB5 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:20:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFB5 119 KB
36 KB 115ms
112ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame CFB5 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CFB5 0
0 48ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1fYylXaCMNlShMWifO1JK_U-RJe_nBAVuBQBkaK8n_yRc033AxkWOK0PazULaBvCJqtsjJwBVMW5Xgrbn7P9eAe5zBQ
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CFB5 22 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame CFB5 37 B
183 B 20ms
19ms Image
image/gif 3.123.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YlANZQANd60Kd6WXAAE2GbttmHuufYjI5WOl7Q&ts=1649413477&aid=44286745189539624426450&ec=2460_92536_65727303&n=GqcEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzE3ZWZkMTI1LWI3MjYtMTFlYy04YTkwLTVjM2VlYTA1MjM4ZS8wLjAxNC9DRkJFS0RSTTJNS0FKNk9QVFA1Q00zWUZORFBSVEVRQ1FPT1pDUU9RRlM3SkpXWE1VTFVMRjdMSlFLNUxLR01BQlFVNkczRElCWFBISlVXVDdCRUhRUU41Rlk0UE82MklUUUlWREs3U1lWRFc0QUFXSlo2NUE2NDdaUklHRFVNUjY3VEtRWjVPWkhSVTNHQ1dLT1ZVQ1pWUjU2QjNTVjNMS0xNVTQySUczQ1hYRkpUVEc3WkpPRlUyRzVGRVlPRFAyTzRITTRQNFg1SDZSTkVOWUVINTdJQkJGVlZEQ1Y3TFRBNVBNV1pCV1g3VE02NU1VQUNIUlU3Q0lOUzRXU1RMT0JIQUdCUEdMTk9QQzZTNU5DQlNWVUlDN1FUVlhRTU9SUFdLTVQzRE43N0VKWEtTTExGS0tMVkhBVEtWMkhYS1BTN0hIMkFTVDJJSVpMWk9aRlhLWjVSQjNNM0ZBQ0Q1UFVSRkpETTc1NkFHNTZNQVNCUEdJT1dOWkxBN1RBTjczSkVLREpRSlRSRzI0S0U1SEQ0WlJQT1I3SU1aTjZHQVQ3UEtQVDZYN1hNRUlINzVBQ0dEUERPUllITENJMkhULz%2FyAs8BCAASFzQ0Mjg2NzQ1MTg5NTM5NjI0NDI2NDUwGAAgASicEzD40gVAAUgAUABgCmgAcM6gIpABAJgBAKgBALABDrgBCcABC8gBDuABC%2FABAPgBDoACC4gCC5ECAAAAAAAA8D%2BZAgrXo3A9Csc%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAPQAogDmAKQAwCYAwCgAwC4A48RwAMAyAMA0gMINjU3MjczMDPgA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwHpAwAAAAAAAAAA8AMO%2BAIFiAMAkgMEZGJhOJgDAKAD0bYCqAMA
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame CFB5 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=44286745189539624426450
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/ Frame CFB5 254 KB
81 KB 7ms
7ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 22:31:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 22:31:18 GMT
server: AmazonS3
age: 129185
etag: "14ff31543d853139c5782ead225ac441"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82572
x-amz-cf-id: ET2BKfIBcdkYatMXMo0QJSuy_z_rx1RKqpZ6UFf3cnrglELKSynO-g==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C70F 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.allsgpromo.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/ Frame 7401 10 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 17:46:52 GMT
etag: 14837630671339829333
expires: Thu, 21 Apr 2022 17:46:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B1D 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 13:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Apr 2023 13:10:14 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-5hnekn7l.c.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 5B1D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r4---sn-5hnekn7l.c.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

87ms
14ms

Fetch
video/mp4

2a00:1450:400e:a::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hnekn7l.c.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/058EE23D487A20F6C448E9830D8E5B4DE29FE48C.29873639555CA284B5BAB562926A5DE1B6912048/key/cms1/cms_redirect/yes/mh/4-/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1649412765/mv/u/mvi/4/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:a::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1798401
Last-Modified: Fri, 18 Mar 2022 12:31:18 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 08 Apr 2022 10:24:38 GMT

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-5hnekn7l.c.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/058EE23D487A20F6C448E9830D8E5B4DE29FE48C.29873639555CA284B5BAB562926A5DE1B6912048/key/cms1/cms_redirect/yes/mh/4-/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1649412765/mv/u/mvi/4/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r
eb2.3lift.com/ Frame CFB5 37 B
139 B 9ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=44286745189539624426450&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413477&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=94052
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame CFB5 3 KB
3 KB 8ms
8ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 22:10:30 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 476049
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: p-hGjn1vXOZNz2Zp_w4HlEQL_ejpUGcaDkZuXJXD2Kmmb3RdXtJs3g==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame CFB5 3 KB
4 KB 9ms
8ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:38:29 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 578770
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: YHvelfaPBA8N5I1rgVEn47T-MsleDMbUuq6HoiisRYJYDLZtfXtlqg==

GET
DATA 200
OK truncated Show response
/ Frame A78C 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame CFB5 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=44286745189539624426450&rev=11f0e47&cta_render_method=1&cta_render_text=&cb=11255
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-336x280.js Show response
widgets.zemanta.com/1646288090/ Frame 6113 6 KB
3 KB 7ms
7ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-336x280.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c73a78933604fd0b0166bd30d9ddd5df2eb4ea29ad66b6fe959e6a2efd18c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: NkfuTGezFwnvsp0_JQU5vMDr9uX6saeK
content-encoding: gzip
etag: "008a81d2770360fc8af601fb99ea9b96"
age: 1044
x-cache: HIT
content-length: 2492
x-amz-id-2: Xm/g93TxJudxfydy3HAl72nUEmUpN3LwB5uaeg97YBESukcF/dG5NNsGH7QEpeK8qs8rQOzvi/k=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 03 Mar 2022 08:30:49 GMT
server: AmazonS3
x-timer: S1649413478.472779,VS0,VE0
date: Fri, 08 Apr 2022 10:24:38 GMT
vary: Accept-Encoding
x-amz-request-id: 7KSXTR0EQQ3AAJDG
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 257

GET
H2 200 aop
eb2.3lift.com/ Frame CFB5 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=44286745189539624426450&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413477&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=96193
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/ Frame 38C3 53 KB
15 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/index.html

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

429e67c8702087ee430a8b685c8b1832f2fb949d507a572ab1a871695602d630

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 294006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 15355
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Apr 2022 00:44:32 GMT
expires: Wed, 05 Apr 2023 00:44:32 GMT
last-modified: Fri, 14 May 2021 13:30:04 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7401 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbGb0ZQ1QYtiMJYqAtwe2hLiIB-bg0JZppeWZ5eYNwuaHiq0lEAEg0qT3fGCV4pCCoAegAZzC8bMByAEJqQJ-NVqpLDuyPqgDAcgDSKoE_gFP0CUUKfE8CbbEPsy-ymhKMCogLuEHAZl44X-geunbyvr2wAiKtqYNFMMhM1XYmc8UJKY0muoDYja3kEvMhMnubjddPg3My-N4XbsDOR0ODIK1of1-kpKhNOo2BHFjiPKfWmQUnn1pnEiqlaZph7OTZgEkYW7HYVOpcaGadvajA38p855hV5oxRlnA4fJ6tT4ilBLH3UTdshi8dVmJNQkmB7V1XUDaSSZH3wKO0NxO3xfq79n0cCK-mMCTMtlz7MG_5XIIVBUQfI7IEY1HJE7hfS2hhKOYHcBEZQJ1coPcvSnGaCGsEMYzel7ZVTCPQ2SWpUvBcP_BLU5BlZ9TVcAE8867q9IDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8y9jswCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ7N64AdIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi03MzU3ODI0ODcwOTYyODY0GAA&sigh=_kigD0T0JlU&uach_m=[UACH]&template_id=419

Requested by

Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 7401 19 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 3330746967810570135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:24:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C70F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cver=1&google_push=AYg5qPJT8PAwrzqF3slVv-7dHjt9ZPo8FbAH8RI-ufQR_Bd...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cver=1&google_push=AYg5qPJT8PAwrzqF3slVv-7dHjt9ZPo8FbAH8RI-ufQR_BdCfQotq2J8liCc76zN9FLrM_WCQ6lCz6QqxKYrpoBWvVDgb5oeuY_N

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEND1LJ9_jQoxCHEUt4UoG2E&google_cver=1&google_push=AYg5qPJT8PAwrzqF3slVv-7dHjt9ZPo8FbAH8RI-ufQR_BdCfQotq2J8liCc76zN9FLrM_WCQ6lCz6QqxKYrpoBWvVDgb5oeuY_N
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C70F 70 B
265 B 97ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK7-Rq1XmEKKEyzlqXQOJck&google_cver=1&google_push=AYg5qPLHRzaw3F-yFVSxsMKy7Utc3zpidDPOpP5OP8el2Y7NxgG0zwKr2GS1KQW83JWqUsOTmwS0GLFxu0gyJVVuo5V4aXfVnYg
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame C70F 0
191 B 81ms
24ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFNzaLOTGD_Jc2A2_45ln5Q&google_cver=1&google_push=AYg5qPJS0-2zVom9FBtteAAH7FYxS7inIxYmCm6lA2LleV7oepw39sBPIiVaBfhVYwyCX2hRjFLFUvW-Cfud7_aBpnp57D5zp3A
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C70F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENEzqmlbunw9ZDk4TTNqtCU&google_cver=1&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENEzqmlbunw9ZDk4TTNqtCU&google_cver=1&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F&google_hm=OTPznqIHR82khPM6ZhvGlw==

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F&google_hm=OTPznqIHR82khPM6ZhvGlw==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F&google_hm=OTPznqIHR82khPM6ZhvGlw==
Date: Fri, 08 Apr 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C70F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRTPmY3a9mkFeNYLxzDqZI&google_cver=1&google_push=AYg5qPL3siCaE8R8qjO12xhm_SucS-vZ_LondNy59FNVenmrE10v7cntJu7ioAEJiKHmJi2xofz8BSMFc_X4LE3aRtAEc4f...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3siCaE8R8qjO12xhm_SucS-vZ_LondNy59FNVenmrE10v7cntJu7ioAEJiKHmJi2xofz8BSMFc_X4LE3aRtAEc4fpXNas&google_hm=NTQwMjk0MDUyNzg4MDQxNT...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3siCaE8R8qjO12xhm_SucS-vZ_LondNy59FNVenmrE10v7cntJu7ioAEJiKHmJi2xofz8BSMFc_X4LE3aRtAEc4fpXNas&google_hm=NTQwMjk0MDUyNzg4MDQxNTgyNw%3D%3D

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL3siCaE8R8qjO12xhm_SucS-vZ_LondNy59FNVenmrE10v7cntJu7ioAEJiKHmJi2xofz8BSMFc_X4LE3aRtAEc4fpXNas&google_hm=NTQwMjk0MDUyNzg4MDQxNTgyNw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C70F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK4t3PUDfVE0kbUXLIAO8ROfzThcfb18mD4z9bf2i4z4MC-0UgQWfCbsUO642gWHmrvT5hCyhcAw5vPch3J0QcVmY3BA1hd

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK4t3PUDfVE0kbUXLIAO8ROfzThcfb18mD4z9bf2i4z4MC-0UgQWfCbsUO642gWHmrvT5hCyhcAw5vPch3J0QcVmY3BA1hd
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 dot.gif
s0.2mdn.net/ Frame C70F 43 B
65 B 100ms
50ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEC3X2wdY4vHgu_uWw57siU4&google_cver=1&google_push=AYg5qPKyqyB2r8nCZPj5CEsleLmV4qwiaOfbFIwVdkovgBZ6pruNkbTGfZXmlEx8bCHJKQ6KqP9QUzhkAIYrtK88HhCUTwomQfcH7w

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Apr 2022 10:24:38 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C70F 0
12 B 43ms
41ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Im3Dxnd0_XWVdcKxrXfhnwOn92cUH21FsvdT3OTwbmJDWliCMG4MnX7sGb724Q-UuKa1AEhQ

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4879 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/27XRIIVANDICOPHVHCXVDX22WX57CKV4RWIPGET4V42LFMIN3OG75FGGMDTP2IVXBDIE6YEIRMJ2L7K6SHLC5WZKNS35THR35HPJM222BGCZ2M6BT55BBWQO3N2D2HYDP7C2WKETBUH3JNARBAD65NEL44PRJG... Frame 6113 26 B
151 B 14ms
14ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/27XRIIVANDICOPHVHCXVDX22WX57CKV4RWIPGET4V42LFMIN3OG75FGGMDTP2IVXBDIE6YEIRMJ2L7K6SHLC5WZKNS35THR35HPJM222BGCZ2M6BT55BBWQO3N2D2HYDP7C2WKETBUH3JNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF6U6CYRT4VEJVSPC4SCPIOBFLOBJWWQJPL2TUAMR3TG6RTTDSAFLND4QGD6VI36QJEU2HGVNEPGFSIAY7MIWX2NG5OEBNMW3XR5OGVWPPW47CYIYJPXWNH7VLDY2HSRPHSU3YNUQKGYNUGFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 17b876dd9316d95dec9bc438e18a65838c.jpg
zem.outbrainimg.com/p/srv/sha/0d/4f/bb/ Frame 6113 20 KB
20 KB 6ms
6ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/0d/4f/bb/17b876dd9316d95dec9bc438e18a65838c.jpg?w=334&h=146&fit=crop&crop=center&fm=jpg

Requested by

Host: widgets.zemanta.com
URL: https://widgets.zemanta.com/1646288090/widget-336x280.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

57e54599510ae1c24c8a478da234ca0f0b8808228413314bfff6e41496554339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 563366
x-cache: MISS, HIT, HIT
x-imgix-id: 049b090b6dcc5c2b664b7bfa4229dab1459401b2
content-length: 20608
x-served-by: cache-sjc10030-SJC, cache-hhn4027-HHN, cache-hhn4050-HHN
last-modified: Fri, 01 Apr 2022 21:55:11 GMT
server: imgix
x-timer: S1649413479.531120,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 2

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A974 23 KB
9 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 07:45:12 GMT
expires: Sat, 08 Apr 2023 07:45:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 shopee-promo-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 4 KB
5 KB 721ms
721ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/shopee-promo-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c61289dd92e84fc4aacea5e4d2e16fa09aae064d4051bb8cda0ee8906315a6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4218
last-modified: Mon, 30 Aug 2021 16:42:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOCD98ebXvys3EG1RKnjfJH9JFVJwDR3cnxWezEviiOC3xbELsqrDZmE6EKWy7l%2F63iQMoF2Sl%2BtpZMdJSCX1avj%2BpQRN1uZMmOLHLkwiNBYY2uBjjiDfHMu1Rbx1EQ7qgOEBQue7O37VkiJoMP1rMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b614d4891ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
DATA 200
OK truncated
/ Frame CFB5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2321264d58ba338457f68a31ce45a1bee00b682e1762d7a148fe852090178f03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 38C3 16 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Apr 2022 07:29:47 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 38C3 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Apr 2022 14:22:05 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 7F83 1 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=34523
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 51059ba2306358a4dbc6e0745206a20e73b1dcaa2f17b92a9ab6009d769889a1

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 461
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
DATA 200
OK truncated
/ Frame B868 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 740aa471be292bd80ba5df1a74906025ff4609ac072cd7e61a49e0b85df74377

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6AB0 1 KB
1 KB 9ms
9ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=11926
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: c2598c10349c4efd26f21a74b9fa3258103b6161e701c8f6a21bde1bcdc61441

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 522
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 7B6F 1 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=10115
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: c2598c10349c4efd26f21a74b9fa3258103b6161e701c8f6a21bde1bcdc61441

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 522
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC20 143 B
163 B 46ms
41ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 10:05:33 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 7401 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:20:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7DB0 1 KB
749 B 45ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7401 119 KB
36 KB 103ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4879 0
0 74ms
74ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSEoDZg1QYvHvC5iq3wPX2ZCwD-6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBK8CT9A7Z6XyO1eJIHsH08lqAvL2NJ1-F6DAvO1lUF96CXGcqyRVopvjiBKiAlRVwQfQzLxK45SHecJHnvW6hoAXHqf9W8qhdydRfj6xUSMCQ5ZLJPU1TuYmPDRuqnA0-XInK7R63DwA5xJdQ8LRVLmIdHJXTxQqqsikQQyN64Oj4KcGpsack9LKkri_3SyuvjXU1BE2DKqUOVaYNLOIzYHEcR6Ewm81-mFVuJy7dIaJU1cDfECRYXBSK8Dzf2ZfVJ4oP5Kyxbk_iYAKhaCCXKeLHClafTc4YQSDUCVzZM7P_0qYG-ISRDNV4Z4EEzJ_6W_hPLiY5GDMUdvgrZLxyzWYd0jqskKxrRbJBlubfEEE6ceQKBNsVQGVX_K4D9PY8uR7FlouMhjkxaeRBy1k-0J44AQBgAbPkb79sZauo-0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=pnU5LQ3unrk&uach_m=[UACH]&cid=CAQSOwCNIrLMM5uqSNwLREW0i2CTgQEzKnXQVO6vsBxis4ImF3Q93T13iFbTicY2TDkTA0p66y3mPKfnUdGnGAE
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 4879 4 KB
2 KB 8ms
7ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: /
Resource Hash: 71568078dff6e78c47f7990f34955b5ad9a965daca0adc5416a6864dbf8cf1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:54 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 824
etag: "1508938c839842a753a06a4fb2147a7754cc1405"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
content-length: 2028
x-amz-cf-id: plrhwuOzrgjEvj6L-_MzBRfZMeXR9jB8oh5SAxdYIniUKWUHJ9fLQQ==

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 4879 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:20:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4879 119 KB
36 KB 122ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 4879 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:00:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4879 0
0 47ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTw1k_HCWTAtKG6ZUOvZu19JknimPGCPDKfkaHu-gJlatBoViVuo75BAjmZ_kfWJSPiEE7b62xFylu1CEZRRwe6ayR4jg
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4879 22 KB
7 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 4879 37 B
183 B 9ms
8ms Image
image/gif 3.123.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YlANZgAC9_EKd9UYAAQs1yMXKLzUaxZ-S8TEXw&ts=1649413478&aid=40571466635456284107320&ec=2460_92536_65727303&n=GqcEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzE4MWQzNmFjLWI3MjYtMTFlYy1hYTBhLWQ0MTJlY2M5YWEzNy8wLjAxNC9KUzVNVElNQU40QlRVUldCM1ZBUFBVN0lIVFBSVEVRQ1FPT1pDUUxTUEpTR1BMVFMyRkhSVFVEVlJORzVLTEJGQTRKT0NOSTNZUjNXTVdIQldVN09LSVdTUlhWNVVDQUhXSUxGSVhBRVZMWFRVTFpEVE5LTkdOQk5BV0lSRURCM0dNWFBIRTJDRVlRSDdHQ1dLT1ZVQ1pWUjU2QjNTVjNMS0xNVTQySUczQ1hYRkpUVEc3WkpPRlUyRzVGRVlPRFAyTzRITTRQNFg1SDZSTkVOWUVINTdJQkJGVlZEQ1Y3TFRBNVBNV1pCV1g3VE02NU1VQUNIUlU3Q0lOUzRXU1RMT0JIQUdCUEdMTk9QQzZTNU5DQlNWVUlDN1FUVlhRTU9SUFdLTVQzRE43N0VKWEtTTExGS0tMVkhBVEtWMkhYS1BTN0hIMkFTVDJJSVpMWk9aRlhLWjVSQjNNM0ZBQ0Q1UFVSRkpETTc1NkFHNTZNQVNCUEdJT1dOWkxBN1RBTjczSkVLREpRSlRSRzI0S0U1SEQ0WlJQT1I3SU1aTjZHQVQ3UEtQVDZYN1hNRUlINzVBQ0dEUERPUllITENJMkhULz%2FyAs8BCAASFzQwNTcxNDY2NjM1NDU2Mjg0MTA3MzIwGAAgASicEzD40gVAAUgAUABgCmgAcM6gIpABAJgBAKgBALABDrgBCcABC8gBDuABC%2FABAPgBDoACC4gCC5ECAAAAAAAA8D%2BZAgrXo3A9Csc%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAOsAogD%2BgGQAwCYAwCgAwC4A48RwAMAyAMA0gMINjU3MjczMDPgA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwHpAwAAAAAAAAAA8AMO%2BAIFiAMAkgMEZGJhOJgDAKAD0bYCqAMA
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 4879 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=40571466635456284107320
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040401&jk=2274504248295943&bg=!V1SlVBDNAAZAkm7qYJI7ACkAdvg8WnHvS85Y2uxSi_E8tpRwlenst1T69TWhKZ5INNos9EYUqVL_BAIAAAI8UgAAAAFoAQeZAp5-_AO2P-POMuyDNYk8hToZWsbkxc7K3GXgLuwNj2v0UWfJCjaZQDUctWkMGe5Re6G--MY6qP8e4Bzorw4lbeuRYI2iHiP3CBe3EeDI5uvlKSt35P_K4zUgfSYfA9AZGVpqb6LzKNaGbCtKoF-A9q-6N38RMyIM_ugU3k2e4dxcnK3Hp2TVhPQ2XjSI-ESh26b08LkhFucVmFSbzF-6v33O40PCvdD_1wUA_IFT2ubv8WOtRe2KjQ_-h8DCo_7u93u7KEvfbIIzeSMs_jR4drN0j280v2EQXc0quTG0y6Q3Gc9pSVSpkxvRMzN_J9niMbuevyvhu4dLe8blVRE0CSafVWF_T-Zzs8EhIUXS7yANBTEwk-QP6rOxKha--LI-0ZxH2KdbO930u8Ny3M2m-biH9rz_3Q_wE-mwFBE-CwKkvECzlAfM50JNawDL1vy7gS2lsIB7GevjUt1-1uuyC9X76HJGX-Sml5bKBSmkqXSaRApJMq1Fo7Pbtblf5JDgiiW1tuWjpFvq3eT2U-F3CK2Dh8tQLX_GzNk3haYBR_SM_a2XCQpZsMe8acXryh-4tBu8xLF-cgjTGtTN0d3atNbjMKZ8tLBFyNXaTzWF5rsITNQjqfZMMn8PHLLpHO17zc3xYSaVX3SZFkF7oZeXE7WL3C0Ibfs6h8NJNUKzrPz1LyKvkrKZH3z57ex1L-U6KkBD7mpvgwgSLitJhymg2Wd7hnzHmhiL177LUGaGE9s7RPxHNZlhnScDOSbYrLOCWMYoUnoFJ9Du0BOle6_R7e6NlDb43GUh5YdQreUruNxcLaLxiLkDpn2JcPxFqwqi_bl7riL3HLPwq37stc1aDc-qlpAs1Fi4Who0GRX6fe2tfMN9hLc-6oUKkLJSWkL6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 standard-chartered-unlmited-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
9 KB 801ms
801ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/standard-chartered-unlmited-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b92e70ed1161211c9c9164b687868ecf8c468228e6206dd411a8ff3279dab00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8688
last-modified: Sat, 05 Jun 2021 12:51:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC3khWWg9Dv7eXgcVDHAOEVa7N6ogkDy%2FflRsObDHVENK5dlABx5dnvInRn4HfcMf%2FojQvi89NwoctN31yLGHeQVfbIvf95gJCu6t3k4RyaxuRvcz6A3laaN0UzP2evV0IZ3xc1j8i%2FcMB6stiQ7C4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b619dd791ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7F83 70 B
264 B 31ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F83
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7F83 170 B
188 B 43ms
41ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F83
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxOTQ3NDQ5MjQzNTA2OTg3MTc4MQ%3D%3D
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 7F83 0
706 B 252ms
207ms Image
text/plain 2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4219474492435069871781&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 70567BD4BFB44434B4416F89A09741D1 Ref B: VIEEDGE1616 Ref C: 2022-04-08T10:24:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: sngK7dHk4xbgPavBzyoAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame 7F83
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/4219474492435069871781?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BXMjl6RE2oT5GZ.nk0g3LaVNXwjtee88Y4q_uZw0Lg--~A&dongle=0883

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-BXMjl6RE2oT5GZ.nk0g3LaVNXwjtee88Y4q_uZw0Lg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-BXMjl6RE2oT5GZ.nk0g3LaVNXwjtee88Y4q_uZw0Lg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7F83 43 B
220 B 9ms
8ms Image
image/gif 3.121.30.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=4219474492435069871781&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.30.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-30-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 7F83 42 B
594 B 63ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=4219474492435069871781&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:37 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 254F036AA49E40968E33A41071758EC6 Ref B: FRAEDGE1208 Ref C: 2022-04-08T10:24:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET 757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 7F83 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 7F83
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=34523
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 6AB0 0
0 25ms
25ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4219474492435069871781
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 6AB0 0
0 41ms
15ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4219474492435069871781
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 6AB0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/trl
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
https://eb2.3lift.com/xuid?mid=7255&xuid=AABpgE7EoBsAADWG_-LNRg&dongle=bzwx

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7255&xuid=AABpgE7EoBsAADWG_-LNRg&dongle=bzwx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=7255&xuid=AABpgE7EoBsAADWG_-LNRg&dongle=bzwx
Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 6AB0 0
0

GET sync
sync.srv.stackadapt.com/ Frame 6AB0 0
0

GET
H2

200

RVF22VSl
sync-tm.everesttech.net/ct/upi/pid/ Frame 6AB0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YlANZgAG4E4tigA-

85 B
166 B

7ms
6ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YlANZgAG4E4tigA-
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: H2
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2475
x-served-by: cache-hhn4068-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1649413479.867821,VS0,VE0
content-length: 85
x-cache-hits: 44043

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1649413479.718935,VS0,VE89
x-served-by: cache-hhn4068-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YlANZgAG4E4tigA-
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 6AB0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=

37 B
354 B

16ms
15ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:38 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1df89518-a480-40b6-a686-50a135a0d1a9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 6AB0
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac
Date: Fri, 08 Apr 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 6AB0
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=2313027768381429768&dongle=d407

37 B
354 B

11ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=2313027768381429768&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=2313027768381429768&dongle=d407
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 6AB0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3690&xuid=2f806250-0d66-4400-93ec-4559660112c1&dongle=3995&gdpr=1&gdpr_consent=

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3690&xuid=2f806250-0d66-4400-93ec-4559660112c1&dongle=3995&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=11926
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: MT3 4335 2c68c00 master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eb2.3lift.com/xuid?mid=3690&xuid=2f806250-0d66-4400-93ec-4559660112c1&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H3 200 scoot-promo-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 9 KB
10 KB 707ms
706ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/scoot-promo-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f75cb7f9867b899f72a8928d6d09cb17afbc0cbda8288ddc451b0e04c427bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9210
last-modified: Wed, 06 Apr 2022 03:00:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15%2BsPqqauXMw0PQOVRFO52RDG%2FVaGVZl6mJHhi%2Bt0JRYweczEZvZHA5%2FBJTYGEYrCfKrh7peZdIto5z6q94dc%2B18gR3ogF9ScNxyNzKl1BzefzAG%2Bl5H%2BzWtJSNCEAp1PvovEXjRqmWKN2EJeAfals0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b61ce1591ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 7B6F 0
0 42ms
16ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4219474492435069871781
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 7B6F 0
0 57ms
30ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4219474492435069871781
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 7B6F
Redirect Chain

https://match.prod.bidr.io/cookie-sync/trl
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
https://eb2.3lift.com/xuid?mid=7255&xuid=AADqek7EoBsAADYlyn1lSg&dongle=bzwx

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7255&xuid=AADqek7EoBsAADYlyn1lSg&dongle=bzwx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=7255&xuid=AADqek7EoBsAADYlyn1lSg&dongle=bzwx
Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 7B6F 0
0

GET sync
sync.srv.stackadapt.com/ Frame 7B6F 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 7B6F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YlANZgAG4zwtmQA-
https://eb2.3lift.com/xuid?mid=3657&xuid=YlANZgAG4zwtmQA-&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YlANZgAG4zwtmQA-

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3657&xuid=YlANZgAG4zwtmQA-&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YlANZgAG4zwtmQA-
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649413479.867921,VS0,VE0
x-served-by: cache-hhn4068-HHN
x-cache: HIT
location: https://eb2.3lift.com/xuid?mid=3657&xuid=YlANZgAG4zwtmQA-&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YlANZgAG4zwtmQA-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 7B6F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=

37 B
354 B

17ms
16ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:38 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2f4156d0-fae7-4677-9910-d861f285f453
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8967287953539117079&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 7B6F
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=4945&xuid=02dc9b05-8f6a-45c2-bc9a-90660d99cd5c&dongle=31ac
Date: Fri, 08 Apr 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 7B6F
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=2817430926646925320&dongle=d407

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=2817430926646925320&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=2817430926646925320&dongle=d407
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 7B6F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3690&xuid=d08a6250-0d66-4500-8972-770b1a81856d&dongle=3995&gdpr=1&gdpr_consent=

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3690&xuid=d08a6250-0d66-4500-8972-770b1a81856d&dongle=3995&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=10115
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: MT3 4335 2c68c00 master zrh-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eb2.3lift.com/xuid?mid=3690&xuid=d08a6250-0d66-4500-8972-770b1a81856d&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Apr 2022 10:24:37 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/ Frame 4879 254 KB
81 KB 10ms
7ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 22:31:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 22:31:18 GMT
server: AmazonS3
age: 129185
etag: "14ff31543d853139c5782ead225ac441"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82572
x-amz-cf-id: xOuczc6XRqzQtVyvDxPCofPr7mbv3iB03S4ixLsv55gH5sMmJSkBtw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9274 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js Show response
pagead2.googlesyndication.com/bg/ Frame A974 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yPRSpnmC7kCVHbP5HJYGhFaCAnVrOjYDhSjhq7GpE_U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 15:15:29 GMT

GET
H3 200 singapore-airlines-promotion-2-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 6 KB
7 KB 784ms
783ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/singapore-airlines-promotion-2-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da9c835e375178d8bfaec2335e8f15c5563179dcb2f8114a2e1a2f0b6d3bef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6474
last-modified: Mon, 04 Apr 2022 05:51:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYPmlQ9QbGcb%2Bgsnh7JUG0684Xsn21ycO94XZXHkcow%2FoClLDC6VD9FSxYQj8N6iZU2X6vRRK8kW7xGtX4x%2B7MCYsiJ%2Bs9ZYVW%2BZsKT8FcY5l%2FMe2PAdLUklixbceClR1nW9qdkhnRNK37HJfnViw%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b622f0591ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 206 file.mp4
r4---sn-5hnekn7l.c.2mdn.net/videoplayback/id/2db05676d91974a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3792054679/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 5B1D 2 MB
2 MB 32ms
16ms Media
video/mp4 2a00:1450:400e:a::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:a::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fda1e2770ec235492f0cb19651ab5d181eb306d147687ea4577602b41c760985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1798400/1798401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1798401
expires: Fri, 08 Apr 2022 10:24:38 GMT
last-modified: Fri, 18 Mar 2022 12:31:18 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
client-protocol: quic

GET
H2 200 r
eb2.3lift.com/ Frame 4879 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=40571466635456284107320&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413478&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=13564
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 4879 3 KB
3 KB 8ms
7ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 22:10:30 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 476049
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: pmLo-R1JnorC8ADsjRCLBZa9yza5tbvGdVW2ACb71lcVQ400bcj8oQ==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 4879 3 KB
4 KB 8ms
8ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:38:29 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 578770
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: VLlKBDLgQOjEp1yN8ZKIVltbFTOr7cw3GdSVXfZ3CanB22paIKDN5w==

GET
DATA 200
OK truncated Show response
/ Frame B37D 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame 4879 37 B
139 B 9ms
6ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=40571466635456284107320&rev=11f0e47&cta_render_method=1&cta_render_text=&cb=95118
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-300x250.js Show response
widgets.zemanta.com/1646288090/ Frame D8A5 7 KB
3 KB 6ms
6ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-300x250.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5c315ac0e20cd6fa803c642d705216f1db2b775a01d39659ad94357777b64c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: BIaxKvgQWMMbKJ64EUDQ8_r1TOYpzMdO
content-encoding: gzip
etag: "219d6ce77c230f015c317b2847a1286b"
age: 250
x-cache: HIT
content-length: 2583
x-amz-id-2: wSMfVJGbeK0942A8S/kVtPlFOroSYbRoYS+v36Hfbf6n/atJ/dB/HDBxVvOp4ZEza5gNALoBOwA=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 03 Mar 2022 08:30:46 GMT
server: AmazonS3
x-timer: S1649413479.793690,VS0,VE0
date: Fri, 08 Apr 2022 10:24:38 GMT
vary: Accept-Encoding
x-amz-request-id: 5WTKS6T47JW58ENB
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 129

GET
H2 200 aop
eb2.3lift.com/ Frame 4879 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=40571466635456284107320&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413478&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=91407
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DB0
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGoFPAW7ZGk8EHK-3N5EGXw&google_cver=1&google_push=AYg5qPLcpq1RbJnoTkGZVX472CQgjFR_y1vyfFW16JsSL1bBmPC0UXlcDG...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLcpq1RbJnoTkGZVX472CQgjFR_y1vyfFW16JsSL1bBmPC0UXlcDGPPmH6lkZbHMFOnPzw59fXJ9m7OFyQXMDrypQhKA0gn&google_hm=a3YW6EnBXYw5...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLcpq1RbJnoTkGZVX472CQgjFR_y1vyfFW16JsSL1bBmPC0UXlcDGPPmH6lkZbHMFOnPzw59fXJ9m7OFyQXMDrypQhKA0gn&google_hm=a3YW6EnBXYw53zAWaQjAKQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLcpq1RbJnoTkGZVX472CQgjFR_y1vyfFW16JsSL1bBmPC0UXlcDGPPmH6lkZbHMFOnPzw59fXJ9m7OFyQXMDrypQhKA0gn&google_hm=a3YW6EnBXYw53zAWaQjAKQ
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DB0
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKnae_5O-igdd9AZMCFFKDw&google_cver=1&google_push=AYg5qPLnZitubzoSHe3xWwp9wtezBhm3ZmfPI_6TBMD9Y-pGszmx0n-_1rFbhS76dGfva4SpScvgeP207b0iQYt5RC2TuG6xIYsT
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLnZitubzoSHe3xWwp9wtezBhm3ZmfPI_6TBMD9Y-pGszmx0n-_1rFbhS76dGfva4SpScvgeP207b0iQYt5RC2TuG6xIYsT&google_hm=Q0FFU0VLbmFlXzVPLWlnZ...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLnZitubzoSHe3xWwp9wtezBhm3ZmfPI_6TBMD9Y-pGszmx0n-_1rFbhS76dGfva4SpScvgeP207b0iQYt5RC2TuG6xIYsT&google_hm=Q0FFU0VLbmFlXzVPLWlnZGQ5QVpNQ0ZGS0R3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:37 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLnZitubzoSHe3xWwp9wtezBhm3ZmfPI_6TBMD9Y-pGszmx0n-_1rFbhS76dGfva4SpScvgeP207b0iQYt5RC2TuG6xIYsT&google_hm=Q0FFU0VLbmFlXzVPLWlnZGQ5QVpNQ0ZGS0R3
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 7DB0 43 B
64 B 52ms
26ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPnKR37BygERFLc0wIzg-WY&google_cver=1&google_push=AYg5qPJP2FUkHffWKhr6fQeQvrs9tp9LKRrnqm3_UxAAfNenCgkCrDc1zCarW3O3l4ggK951h3Buuhc1ehFyf2YAwPoQdghD8ubv
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 50b2h9d7jdoj4v8h4n54nc6icccvd414

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DB0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJB7n6HTONQD31XOiJxRyvp7SK_IE5RYgqH7pgA84NF5jL_dufDAWpuo0ZcZ9HpI9A6P3oc8T0hReTLGPzCdCWd5BJ96S8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJB7n6HTONQD31XOiJxRyvp7SK_IE5RYgqH7pgA84NF5jL_dufDAWpuo0ZcZ9HpI9A6P3oc8T0hReTLGPzCdCWd5BJ96S8
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7DB0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENINiuKjmzarxWvxXknDHXg&google_cver=1&google_push=AYg5qPJsTuAVnpSVqrDJNEdeFlxDhMnSroxpY3TaqyIYpQr69TzLU1w_3kRsXd2sp8DtOwkWZI4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1SFMtVi1JTUhS&google_push=AYg5qPJsTuAVnpSVqrDJNEdeFlxDhMnSroxpY3TaqyIYpQr69TzLU1w_3kRsXd2sp8DtOwkWZI4iXO0cV6mhtOwCLS5c7hrq0N52

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1SFMtVi1JTUhS&google_push=AYg5qPJsTuAVnpSVqrDJNEdeFlxDhMnSroxpY3TaqyIYpQr69TzLU1w_3kRsXd2sp8DtOwkWZI4iXO0cV6mhtOwCLS5c7hrq0N52

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1SFMtVi1JTUhS&google_push=AYg5qPJsTuAVnpSVqrDJNEdeFlxDhMnSroxpY3TaqyIYpQr69TzLU1w_3kRsXd2sp8DtOwkWZI4iXO0cV6mhtOwCLS5c7hrq0N52
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 7DB0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbUR...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 7DB0 43 B
297 B 97ms
18ms Image
image/gif 2a05:d01c:1d8:8100:8701:aae2:1118:ca9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOsu5KEvh6i5ZLKC7TiAkOU&google_cver=1&google_push=AYg5qPL_KUE-hiSCW81ZaWQb7h1MWAEE_BCh_x5EfinaAEYJ-Rx5oNkdcIwHAwzYyZ16dyAGA03_tQlUHsRiljWu7kN4UHks4cEB
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:8701:aae2:1118:ca9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7DB0 0
12 B 43ms
43ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ik2It1P6aSo0WpNoT_MWegGZPu5rVoKiILyCHfNw-fAUk-ag2AQanHaFUFDOr27B_QW8ZE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC20
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

93ms
93ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 10:24:38 GMT
expires: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 10:24:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 trip_com-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 4 KB
5 KB 783ms
783ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/trip_com-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94fbaa4222578abc40259a8e95510f8aa8c687f94ca5ca7dc56674e835e7ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4301
last-modified: Sun, 31 Oct 2021 01:38:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtVfTpvZCSOEiOB7a8r9YoHVLl6M8XSM6C1LKCluzQSLdppe9Vq5UYLC91YfxjCjxHH0pt%2FpVLtesxHbFmZXobQqN7dOP%2B%2BrZtvcmIkOx1uUMoYygG5%2FbtNrpCFaxxwN5ucS2WfFQpSDUa9xlwn5y0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b62d83391ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 container.html Show response
3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5470 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:36 GMT
expires: Sat, 08 Apr 2023 10:24:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 7401 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:00:29 GMT

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/OVMQOQWXOFJ27WMNMEQCA52KBL57CKV4RWIPGERHBBHFADEVHUBKH3NVYQOLL5IBPMBWV4OSRIFQL5NS7F4P27QB6BM4HR3QBB3SXTKCXZJ4XAKIMV2BEOUHOJ2GFBME7JPCEVZJQV767NARBAD65NEL44PRJG... Frame D8A5 26 B
151 B 14ms
13ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/OVMQOQWXOFJ27WMNMEQCA52KBL57CKV4RWIPGERHBBHFADEVHUBKH3NVYQOLL5IBPMBWV4OSRIFQL5NS7F4P27QB6BM4HR3QBB3SXTKCXZJ4XAKIMV2BEOUHOJ2GFBME7JPCEVZJQV767NARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF6U6CYRT4VEJVSPC4SCPIOBFLOBJWWQJPL2TUAMR3TG6RTTDSAFLND4QGD6VI36QJEU2HGVNEPGFSIAY7MIWX2NG5OEBNMW3XR5OGVWPPW47CYIYJPXWNH7VLDY2HSRPHSU3YNUQKGYNUGFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:38 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 17b876dd9316d95dec9bc438e18a65838c.jpg
zem.outbrainimg.com/p/srv/sha/0d/4f/bb/ Frame D8A5 15 KB
15 KB 9ms
8ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/0d/4f/bb/17b876dd9316d95dec9bc438e18a65838c.jpg?w=298&h=110&fit=crop&crop=center&fm=jpg

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

41ab23a1587790795ac5fdf093aae7652818d606b97ab2b932a5f773712ccf7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1462109
x-cache: HIT, MISS, HIT
x-imgix-id: f9933065d2e934c3bbd9ebd892cd4fd806bae78c
content-length: 15553
x-served-by: cache-sjc10066-SJC, cache-hhn4049-HHN, cache-hhn4050-HHN
last-modified: Tue, 22 Mar 2022 12:16:10 GMT
server: imgix
x-timer: S1649413479.893399,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H3 200 klook-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 7 KB
8 KB 715ms
714ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/klook-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5a7b426e6216fc4c9c99a1d1cc009bcb14dba64016197de419f5bb445b80b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7342
last-modified: Sat, 30 Oct 2021 13:59:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11PkDb9kbcwo0blCTRXE40NWrQFXSpKI%2F2On3z9uQcv7rFcmHAKC2Ynggugy%2BqRLlljxsczj8cTdY3KQUaMHx%2BP4Ld6P1vdb0Z%2FHN6YARsysYn1Vyrmh6u9v3yB9vYu9959I0q5Lf%2Booec53tCe3Fuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b6328b691ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js Show response
pagead2.googlesyndication.com/bg/ Frame 38C3 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6DGELVyRstON4LmPFAMeAOP1baW3TqSdWCO5xyb3u9s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 09:28:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 09:28:15 GMT

GET
H3 200 728x90-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/ Frame 38C3 3 KB
3 KB 41ms
41ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/728x90-logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c555d3ea105d46af61cdfba31aef06c96b928cb93022555c7cc2e1b295aaff0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 4706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2865
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Fri, 08 Apr 2022 09:06:12 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 09:06:12 GMT

GET
H3 200 728x90-frame-02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/ Frame 38C3 8 KB
9 KB 43ms
42ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/728x90-frame-02.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dccefb67a62757e50de964e41b94e0631da84ca51e0938d79a9ca2a163f01ad6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 4706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8685
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Fri, 08 Apr 2022 09:06:12 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 09:06:12 GMT

GET
H3 200 728x90-frame-01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/ Frame 38C3 8 KB
8 KB 49ms
48ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/728x90-frame-01.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c850a2621740716cc4a32fc0f6dfcf28ea75caaa0f3581ecf2d5a8476f453865

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 4706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Fri, 08 Apr 2022 09:06:12 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 09:06:12 GMT

GET
H3 200 728x90-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/ Frame 38C3 17 KB
17 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/728x90-bg.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215ad0c70556c67a1466be322992ea25c2285da98e93253ff5a38febe0d57a09

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 4706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17862
x-xss-protection: 0
last-modified: Fri, 14 May 2021 13:30:04 GMT
server: sffe
date: Fri, 08 Apr 2022 09:06:12 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Apr 2023 09:06:12 GMT

GET
DATA 200
OK truncated
/ Frame 4879 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2912611f80b2d3d6d6fb3129005efca9959f7851f57868bc36028ed4e304e9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9274
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIIX7ubkCPTEVTI58fxUe_o&google_cver=1&google_push=AYg5qPKGzoW6Q4C_POBj3js1Rl9HN1NZkCAZ8uKfD8B8mxUO2KmWJTiupR...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKGzoW6Q4C_POBj3js1Rl9HN1NZkCAZ8uKfD8B8mxUO2KmWJTiupR8eDK0i5QAE9p6EEv2GNZsBLeCqAPrP2B1rssIq6QVR&google_hm=a3YW6EnBXYw5...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKGzoW6Q4C_POBj3js1Rl9HN1NZkCAZ8uKfD8B8mxUO2KmWJTiupR8eDK0i5QAE9p6EEv2GNZsBLeCqAPrP2B1rssIq6QVR&google_hm=a3YW6EnBXYw53zAWaQjAKQ

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKGzoW6Q4C_POBj3js1Rl9HN1NZkCAZ8uKfD8B8mxUO2KmWJTiupR8eDK0i5QAE9p6EEv2GNZsBLeCqAPrP2B1rssIq6QVR&google_hm=a3YW6EnBXYw53zAWaQjAKQ
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9274
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFheF4ptU3TA9yz4L0Mnj7E&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEFheF4ptU3TA9yz4L0Mnj7E&google_cver=1&google_push=AYg5qPLIm2hZQmOdIg3B5Gc5fMwTBYgtbKxtKUjGJ8tO1PT...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEFheF4ptU3TA9yz4L0Mnj7E&google_cver=1&google_push=AYg5qPLIm2hZQmOdIg3B5Gc5fMwTBYgtbKxtKUjGJ8tO1PTAvz2iYL526CRLiRm_KSKnY-_SICQxZzAMo9ju5jbVfnfo26ty1TBT

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2RFVDRHWjQxTkNMTmM1&google_gid=CAESEFheF4ptU3TA9yz4L0Mnj7E&google_cver=1&google_push=AYg5qPLIm2hZQmOdIg3B5Gc5fMwTBYgtbKxtKUjGJ8tO1PTAvz2iYL526CRLiRm_KSKnY-_SICQxZzAMo9ju5jbVfnfo26ty1TBT
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9274
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAH5QXaIFjNcIdtfO2qkwvM&google_cver=1&google_push=AYg5qPIVwks2vSj1xupXipRU_H0lp5ywknarEqbJq6xjbTHR7XwKlQasp0OwdaU5eOayxIX_wI2Lb87L2TKIVt...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPIVwks2vSj1xupXipRU_H0lp5ywknarEqbJq6xjbTHR7XwKlQasp0OwdaU5eOayxIX_wI2Lb87L2TKIVtQhbt...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPIVwks2vSj1xupXipRU_H0lp5ywknarEqbJq6xjbTHR7XwKlQasp0OwdaU5eOayxIX_wI2Lb87L2TKIVtQhbtP79VsFpvI

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4NDE3Njk0NTYwMDY1NzU1Nw%3D%3D&google_push=AYg5qPIVwks2vSj1xupXipRU_H0lp5ywknarEqbJq6xjbTHR7XwKlQasp0OwdaU5eOayxIX_wI2Lb87L2TKIVtQhbtP79VsFpvI
Date: Fri, 08 Apr 2022 10:24:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9274
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHV2MhuxgoRY8hCYx108Enc&google_cver=1&google_push=AYg5qPLQZCyCXl4RIF0YyJ-l5uZ-8T-X_tmFH_oru5GV7BFs9bacCEww1p4JbSukLy1EA9mZC6_sc-tdEcUK4N4I...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E6Juy2i2RTmojXDbNZIq3Q2&google_push=AYg5qPLQZCyCXl4RIF0YyJ-l5uZ-8T-X_tmFH_oru5GV7BFs9bacCEww1p4JbSukLy1EA9mZC6_sc-tdEcUK4N4IiHSwHvYrySLn

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E6Juy2i2RTmojXDbNZIq3Q2&google_push=AYg5qPLQZCyCXl4RIF0YyJ-l5uZ-8T-X_tmFH_oru5GV7BFs9bacCEww1p4JbSukLy1EA9mZC6_sc-tdEcUK4N4IiHSwHvYrySLn

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E6Juy2i2RTmojXDbNZIq3Q2&google_push=AYg5qPLQZCyCXl4RIF0YyJ-l5uZ-8T-X_tmFH_oru5GV7BFs9bacCEww1p4JbSukLy1EA9mZC6_sc-tdEcUK4N4IiHSwHvYrySLn
x-host: tde-deliveryengine-production-5957d9dd65-6zrch
alt-svc: clear
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame 9274 43 B
64 B 31ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJHd-JgMNPLmyDKt3L9znhg&google_cver=1&google_push=AYg5qPL9lC-Vw3b8msjc7fgI5jP4N2IGLf-9neZX42t_gFSAlvuZM_7giwv5ug7Ne5jN7RTyIrT1QOODWd8ZYcSr4a9Wd_UMqfNC
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 72btemifpse753o0jci280p4n2a3ppe4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9274
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHBzw80qBBdT5Gi_O-o4t28&google_cver=1&google_push=AYg5qPIBguHCqDhZUW-UYPfHE23CZvM9CbSSnkp8-qDspas3QDvXPsI4DSornSHDWalpeZH_asr...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1TEstQi1DTUlX&google_push=AYg5qPIBguHCqDhZUW-UYPfHE23CZvM9CbSSnkp8-qDspas3QDvXPsI4DSornSHDWalpeZH_asr542Yyh6x95hKzMxqCEBLJAneP

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1TEstQi1DTUlX&google_push=AYg5qPIBguHCqDhZUW-UYPfHE23CZvM9CbSSnkp8-qDspas3QDvXPsI4DSornSHDWalpeZH_asr542Yyh6x95hKzMxqCEBLJAneP

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFRQTc1TEstQi1DTUlX&google_push=AYg5qPIBguHCqDhZUW-UYPfHE23CZvM9CbSSnkp8-qDspas3QDvXPsI4DSornSHDWalpeZH_asr542Yyh6x95hKzMxqCEBLJAneP
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 9274
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8Xe...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9274 0
12 B 43ms
42ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBNY4NZBqK1yV1r7G9R9-a7SukwouxBOxCmiCCMiya55E0u93gC9BuhCh096Si98epINf-

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 klook-travel-fair-singapore-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 11 KB
11 KB 962ms
962ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/klook-travel-fair-singapore-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dee22a319ee6dc63a27b7bff3a646be3cf58512010b30cb3dd693109f045c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11059
last-modified: Fri, 01 Apr 2022 05:32:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBGsT3KHRBoNfa9JniSLtbzu%2B9MkP7sf%2FNarSGScqmePE%2FKpPuiMjtTX%2BRG6T8SWjqHCQlc5G8osD8%2FBQVPcRn%2F5EjpReZhysAHwRH3Ym5VN0s2dOOx7GsaMduiRT1SqLSgc%2F2IbKpg9n77CBNX7WiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b63690591ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 49D9 1 KB
1 KB 9ms
9ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=42135
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: b357d236ad199cd742e1289b24fea42ee1bc40480269c13de8de675556c004ca

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 624
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5470 0
0 72ms
72ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3O2gZg1QYrTeGo7s3wOhjK1o7pK1k1y_ooXH5AXAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4McgBCeACAKgDAaoErwJP0J3SmjnwCH-x8NBP38u8rs5ETp5Vrh-qFsxptiTEEWTJ-N7Z7YmTj4qCdOd7fmoRjea2pHla0ATx6EbIwjuXMeBobC7H85wzhF_WH-qGRFVkfpzmsKjACW3kwXUW7YWN0MLtqCiErdWRYuBxxtG1a4yLe9BA0BiauKoTOC0-y_5Ak77qBpMCTM2PlziWiIT2yqZka_fr6czkB5H6POGLFla68S1QhXxPOHDyVbsX9g3E8ZxKDMIglvKxHdkzMei7Zrk6XkBIFrfZ38Mw4OEEf1bbQ7PxW9GJGnhu6WZlwTE7j30TUdHnHq6Vt4QOO-HI8imCE508DNRs9WKMWOGsXxexyz557eOR_Z-xl6oXSL7B-svAFzN7JpLqSulZ9CVjfi1ISJHJ2qBS4R7pzefgBAGABs-Rvv2xlq6j7QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=DQwE2f4hJ1o&uach_m=[UACH]&cid=CAQSPACNIrLMOfreXiH-TDu9mn_8-YCxwof9zoX8A62BcHbcheTMZS2by3mrfKK5jULgQ0kD51s2IZnaswF28BgB
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 5470 4 KB
2 KB 7ms
7ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: /
Resource Hash: 71568078dff6e78c47f7990f34955b5ad9a965daca0adc5416a6864dbf8cf1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:54 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age: 824
etag: "1508938c839842a753a06a4fb2147a7754cc1405"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
content-length: 2028
x-amz-cf-id: laz1kISIZ6N0cxxYeughmGfdNDU1gj4BhHiZopyaRvlHn-8FMu1BGQ==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 5470 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:19:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5470 119 KB
36 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 10:24:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 5470 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 10:14:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5470 0
0 47ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkKfxtEAZRp8Kn5ujSf_wCNfXwGOwXo215woLfggqORem6d-bEZZqI1SgzG2BXNdDpBntHO6pjjZLEhLQrcozg988MvA
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5470 22 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 11:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Apr 2023 11:16:58 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 5470 37 B
183 B 8ms
7ms Image
image/gif 3.123.205.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YlANZgAGrzQKd_YOAAtGIQ59XCzxtiJr-fGIqA&ts=1649413478&aid=14518854812676048119740&ec=2460_92536_65727303&n=GqcEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzE4NDJiZjk0LWI3MjYtMTFlYy04MThmLTc1NTE0MjUyNWM5Yi8wLjAxNC9KUzVNVElNQU40QlRWWVc3U01STEo1WVhNUFBSVEVRQ1FPT1pDUU8yRlhLMllTRVMzVlpMVlRUUTZNQ1NRR0NVWllTQVlTWEQzUk9DTk1SQ09OUzJEVE81S042Vk9IWTZRQjZKVklVRkFCQ0c3SFdDSkZPV0VBSkMzTFlTSFY0SFFDVDdZRUZFUEg1QVZHQ1dLT1ZVQ1pWUjU2QjNTVjNMS0xNVTQySUczQ1hYRkpUVEc3WkpPRlUyRzVGRVlPRFAyTzRITTRQNFg1SDZSTkVOWUVINTdJQkJGVlZEQ1Y3TFRBNVBNV1pCV1g3VE02NU1VQUNIUlU3Q0lOUzRXU1RMT0JIQUdCUEdMTk9QQzZTNU5DQlNWVUlDN1FUVlhRTU9SUFdLTVQzRE43N0VKWEtTTExGS0tMVkhBVEtWMkhYS1BTN0hIMkFTVDJJSVpMWk9aRlhLWjVSQjNNM0ZBQ0Q1UFVSRkpETTc1NkFHNTZNQVNCUEdJT1dOWkxBN1RBTjczSkVLREpRSlRSRzI0S0U1SEQ0WlJQT1I3SU1aTjZHQVQ3UEtQVDZYN1hNRUlINzVBQ0dEUERPUllITENJMkhULz%2FyAs8BCAASFzE0NTE4ODU0ODEyNjc2MDQ4MTE5NzQwGAAgASicEzD40gVAAUgAUABgCmgAcM6gIpABAJgBAKgBALABDrgBCcABC8gBDuABC%2FABAPgBDoACC4gCC5ECAAAAAAAA8D%2BZAgrXo3A9Csc%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAPQAogDmAKQAwCYAwCgAwC4A48RwAMAyAMA0gMINjU3MjczMDPgA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwHpAwAAAAAAAAAA8AMO%2BAIFiAMAkgMEZGJhOJgDAKAD0bYCqAMA
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.205.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-205-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 5470 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=14518854812676048119740
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7401 0
0 46ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfUu73wkM4A9R9qPaVBBdQJpsK1fOvbDUckWyEhG7B2MQg7hnqvy1H4URUOkVSv-PrIsrj3Bzg2PAh0avLhRrJ6wnRUg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7401 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de2c2318c4228f5ccad90c119d3c110623844e92aec0a7f571f77b743c1fc3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 49D9 0
191 B 21ms
19ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET triplelift
sync.hgrtb.com/ Frame 49D9 0
0

GET
H2 204 current
triplelift-match.dotomi.com/match/bounce/ Frame 49D9 0
103 B 31ms
13ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 49D9
Redirect Chain

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VPYcSlKgH0xP8BBIVqYEGFD1HUJPpxtMUPyiTnmx

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VPYcSlKgH0xP8BBIVqYEGFD1HUJPpxtMUPyiTnmx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://eb2.3lift.com/xuid?&mid=5316&dongle=fa68&xuid=VPYcSlKgH0xP8BBIVqYEGFD1HUJPpxtMUPyiTnmx
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 49D9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4219474492435069871781
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4219474492435069871781&dcc=t

0
0

34ms
33ms

Image
text/html

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4219474492435069871781&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: HTTP/1.1
Server: 52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9DKV8CAF79S1YQDA4BQW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4219474492435069871781&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

value=4219474492435069871781
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 49D9
Redirect Chain

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=4219474492435069871781
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4219474492435069871781

43 B
520 B

293ms
293ms

Image
image/gif

54.206.226.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4219474492435069871781
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: H2
Server: 54.206.226.14 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-206-226-14.ap-southeast-2.compute.amazonaws.com
Software: Match/6817.2933fd11c233c2bdcb1c706b698b10fcabbf4860 (i-0ca5705919a29579d) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:40 GMT
server: Match/6817.2933fd11c233c2bdcb1c706b698b10fcabbf4860 (i-0ca5705919a29579d)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: Match/6817.2933fd11c233c2bdcb1c706b698b10fcabbf4860 (i-08e21715d2debbc1f)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4219474492435069871781
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET usermatch
usersync.getpublica.com/ Frame 49D9 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 49D9
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=6019&xuid=odET4GZ41NCLNc5&dongle=465e&gdpr=1&gdpr_consent=

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6019&xuid=odET4GZ41NCLNc5&dongle=465e&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eb2.3lift.com/xuid?mid=6019&xuid=odET4GZ41NCLNc5&dongle=465e&gdpr=1&gdpr_consent=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 49D9
Redirect Chain

https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1
https://eb2.3lift.com/xuid?mid=6547&xuid=EBpP5WFsaY1LqQ1Tyhpy&dongle=45fg&pi=triplelift&gdpr=1&gdpr_consent=&tc=1

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6547&xuid=EBpP5WFsaY1LqQ1Tyhpy&dongle=45fg&pi=triplelift&gdpr=1&gdpr_consent=&tc=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=6547&xuid=EBpP5WFsaY1LqQ1Tyhpy&dongle=45fg&pi=triplelift&gdpr=1&gdpr_consent=&tc=1
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT, Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 49D9 35 B
380 B 377ms
93ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=42135
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

X-ServerName: Track001-iad
Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:38 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H3 200 cdc-merchant-list-singapore-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 13 KB
14 KB 204ms
203ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/cdc-merchant-list-singapore-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5dd8d235814a55fe2ac924486fd0e6f21fe48d6c9625dd0ce3ea2e4d2a31ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13261
last-modified: Fri, 24 Dec 2021 08:18:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpWUdVqlaip1%2FfS3wowyjin7OBG5Y5XP6W1LB1eHYEGndViTVqqiYuWO53skP7isYzU1ZQEGlQA3xZDCPCwgzAPCfKv5amvrCT4xyBhBBN015B4nYGyybPAeHMTl68bq%2B725cCr5Fl5mkK8zqsYifV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b6419f091ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/ Frame 5470 254 KB
81 KB 8ms
6ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 22:31:34 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 22:31:18 GMT
server: AmazonS3
age: 129186
etag: "14ff31543d853139c5782ead225ac441"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82572
x-amz-cf-id: 8K5h8ZYE0efnV-ZqX44aLgazI0v0N-ukU_zeO4DOXWR6r--JR7QfMg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CDE4 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5470 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a6cc40ffcf687ad5644518311b11f07b2780278f14ee90f34daca8177f99332

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1-for-1-staycation-deals-singapore-20-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 12 KB
13 KB 944ms
944ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/1-for-1-staycation-deals-singapore-20-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f805612a9825344bce9d513843e533782a8b8510b24011da7511ddaf9cf4e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12517
last-modified: Thu, 24 Mar 2022 08:11:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMpzR0ppPFjTgyQyDMm%2BO8EjRrYmM3%2BDHy5tylo3WCIbyGkzcOxvcLMVz%2FidKncxMIpixKtIIW6UX6zTmGPzfuacIZ2gOGiWzXc0pTVxkWkXzUyn3fk8shryaE28CTt63q%2BaESeucb3%2BCrqS1ouyEMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b646aa791ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H2 200 r
eb2.3lift.com/ Frame 5470 37 B
139 B 9ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=14518854812676048119740&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413478&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=85455
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 5470 3 KB
3 KB 7ms
7ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 22:10:30 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 476050
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: iiFUtK7T1qdZmm7me-Ft7xocEji4lwzQgBG-n6A7EAT00oHLcKpwFg==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 5470 3 KB
4 KB 8ms
8ms Image
image/png 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:38:29 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 578771
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: BZS0vUw9uaISrgGlFwMmuMejElPRWKMEsImLslI0kxODNc_qEtHh7A==

GET
DATA 200
OK truncated Show response
/ Frame D39F 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ctar
eb2.3lift.com/ Frame 5470 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=14518854812676048119740&rev=11f0e47&cta_render_method=1&cta_render_text=&cb=18656
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 widget-336x280.js Show response
widgets.zemanta.com/1646288090/ Frame 9BC6 6 KB
3 KB 7ms
6ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1646288090/widget-336x280.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73c73a78933604fd0b0166bd30d9ddd5df2eb4ea29ad66b6fe959e6a2efd18c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: NkfuTGezFwnvsp0_JQU5vMDr9uX6saeK
content-encoding: gzip
etag: "008a81d2770360fc8af601fb99ea9b96"
age: 1045
x-cache: HIT
content-length: 2492
x-amz-id-2: Xm/g93TxJudxfydy3HAl72nUEmUpN3LwB5uaeg97YBESukcF/dG5NNsGH7QEpeK8qs8rQOzvi/k=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 03 Mar 2022 08:30:49 GMT
server: AmazonS3
x-timer: S1649413479.139620,VS0,VE0
date: Fri, 08 Apr 2022 10:24:39 GMT
vary: Accept-Encoding
x-amz-request-id: 7KSXTR0EQQ3AAJDG
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 258

GET
H2 200 aop
eb2.3lift.com/ Frame 5470 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=14518854812676048119740&rev=11f0e47&pr=can%27t%2520access%2520top%2520document&bc=0.014&bmid=2460&biid=6335&sid=92536&brid=561230&adid=65727303&crid=-1&ts=1649413478&bcud=14&ss=5&caid=0&unid=0&domain=3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.allsgpromo.com%252F&rr=creative&fid=10&rb=0&g=0&cb=32482
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 staycation-deals-singapore-7-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 12 KB
12 KB 943ms
942ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/staycation-deals-singapore-7-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c631d9cfbfae4d008be9878ccfbc516dee2dd812828035af2dcfcbed930ee08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11938
last-modified: Fri, 18 Mar 2022 02:34:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuB2xKb9ctLOabzHGgr%2Fs79xlIJDSlRiEbTQQIXAejvlk88Zv8JRXUJzSODXm9sycLYX%2BPpp15rGCaQwfY6SK%2ByHmAompqBumdGGFCgiB0K0ildy6%2FUIhtaNPiUMX7yOgUn53mauPfpNgLcZM3S3sjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b64cb3091ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/OVMQOQWXOFJ26HAMOYRFINTLOL57CKV4RWIPGEUSFRD5OSBVJ772MYRI2DMIZVBSL223GOUJKCXUL5ZTHRM4VMY6LG36LIUP7UX4RYLHTJVPE5QSOUW3TQOUJLQ2BCOPJVORXW5WMY43JNARBAD65NEL44PRJG... Frame 9BC6 26 B
151 B 14ms
13ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/OVMQOQWXOFJ26HAMOYRFINTLOL57CKV4RWIPGEUSFRD5OSBVJ772MYRI2DMIZVBSL223GOUJKCXUL5ZTHRM4VMY6LG36LIUP7UX4RYLHTJVPE5QSOUW3TQOUJLQ2BCOPJVORXW5WMY43JNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF6U6CYRT4VEJVSPC4SCPIOBFLOBJWWQJPL2TUAMR3TG6RTTDSAFLND4QGD6VI36QJEU2HGVNEPGFSIAY7MIWX2NG5OEBNMW3XR5OGVWPPW47CYIYJPXWNH7VLDY2HSRPHSU3YNUQKGYNUGFY3OPXWGSFQNJZKTKM4NH6P7BN3BI6GIXCCMCSWKO7EPUHYQD3VQ/?
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:39 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 17b876dd9316d95dec9bc438e18a65838c.jpg
zem.outbrainimg.com/p/srv/sha/0d/4f/bb/ Frame 9BC6 20 KB
20 KB 11ms
11ms Image
image/jpeg 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/0d/4f/bb/17b876dd9316d95dec9bc438e18a65838c.jpg?w=334&h=146&fit=crop&crop=center&fm=jpg

Requested by

Host: widgets.zemanta.com
URL: https://widgets.zemanta.com/1646288090/widget-336x280.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

57e54599510ae1c24c8a478da234ca0f0b8808228413314bfff6e41496554339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 563367
x-cache: MISS, HIT, HIT
x-imgix-id: 049b090b6dcc5c2b664b7bfa4229dab1459401b2
content-length: 20608
x-served-by: cache-sjc10030-SJC, cache-hhn4027-HHN, cache-hhn4050-HHN
last-modified: Fri, 01 Apr 2022 21:55:11 GMT
server: imgix
x-timer: S1649413479.175968,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDE4
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELO80mtHlogHPhejN9glO6k&google_cver=1&google_push=AYg5qPLoTd-sQalz4O-_SioS9v2JqA9Wh9v_AZNd-wbV1dVJPsigtE5ODT...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLoTd-sQalz4O-_SioS9v2JqA9Wh9v_AZNd-wbV1dVJPsigtE5ODTRj8t31YnBrUem_pkfe2xEWixPNJRMyZz_r_1t2NrLl&google_hm=a3YW6EnBXYw5...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLoTd-sQalz4O-_SioS9v2JqA9Wh9v_AZNd-wbV1dVJPsigtE5ODTRj8t31YnBrUem_pkfe2xEWixPNJRMyZz_r_1t2NrLl&google_hm=a3YW6EnBXYw53zAWaQjAKQ

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLoTd-sQalz4O-_SioS9v2JqA9Wh9v_AZNd-wbV1dVJPsigtE5ODTRj8t31YnBrUem_pkfe2xEWixPNJRMyZz_r_1t2NrLl&google_hm=a3YW6EnBXYw53zAWaQjAKQ
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDE4
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIsB9nfKFBUqE6GYDpYDdE3xU2zL-dY9s7cUj2...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxBTlpnQUc0end0bVFBLQ&google_push=AYg5qPIsB9nfKFBUqE6GYDpYDdE3xU2zL-dY9s7cUj2v0igV4NUwLdA98kN0ixLnLVGh4FFHoAF4Kbpqs2Q6L_i0UYi2O522bSw2

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxBTlpnQUc0end0bVFBLQ&google_push=AYg5qPIsB9nfKFBUqE6GYDpYDdE3xU2zL-dY9s7cUj2v0igV4NUwLdA98kN0ixLnLVGh4FFHoAF4Kbpqs2Q6L_i0UYi2O522bSw2

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxBTlpnQUc0end0bVFBLQ&google_push=AYg5qPIsB9nfKFBUqE6GYDpYDdE3xU2zL-dY9s7cUj2v0igV4NUwLdA98kN0ixLnLVGh4FFHoAF4Kbpqs2Q6L_i0UYi2O522bSw2
Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDE4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECoxFDM1adRTsuO2JDNebSc&google_cver=1&google_push=AYg5qPJX3ahOPUu9hjO8LUkN6iL0xmgWBehzXrr4V00eli00in5hfhcPSf90JOCP50lh8UUtNEJx-hUI4x5CrCPr...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L4BiUA1mRACT7EVZZgESwQ&google_push=AYg5qPJX3ahOPUu9hjO8LUkN6iL0xmgWBehzXrr4V00eli00in5hfhcPSf90JOCP50lh8UUtNEJx-hUI4x5CrCPrkCp8_9p2...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L4BiUA1mRACT7EVZZgESwQ&google_push=AYg5qPJX3ahOPUu9hjO8LUkN6iL0xmgWBehzXrr4V00eli00in5hfhcPSf90JOCP50lh8UUtNEJx-hUI4x5CrCPrkCp8_9p2yfEn

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: MT3 4335 2c68c00 master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L4BiUA1mRACT7EVZZgESwQ&google_push=AYg5qPJX3ahOPUu9hjO8LUkN6iL0xmgWBehzXrr4V00eli00in5hfhcPSf90JOCP50lh8UUtNEJx-hUI4x5CrCPrkCp8_9p2yfEn
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CDE4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMjgKTHvBBDz9MpTqMjrxNc&google_cver=1&google_push=AYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMjgKTHvBBDz9MpTqMjrxNc&google_cver=1&google_push=AYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGN...

43 B
417 B

177ms
176ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMjgKTHvBBDz9MpTqMjrxNc&google_cver=1&google_push=AYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f8a4b661f246909-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 34470
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6f8a4b650c976909-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMjgKTHvBBDz9MpTqMjrxNc&google_cver=1&google_push=AYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLzb4Cagaf9QbnCasBhTTqZJcvLSaDge6aiedwljk4h4COZ6LLiaO_37sTeC0PA--oTmZw7naJ40ednbSzrymchV-2YPGNJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDE4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWxBTlpnQUc0end0bVFBLQ==&google_gid=CAESEEevLM5_1bLEyuN-awRisoI&google_cver=1&google_push=AYg5qPLkFB2iG6XqokPOiL6Lp_MTEJI8D-...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWxBTlpnQUc0end0bVFBLQ==&google_gid=CAESEEevLM5_1bLEyuN-awRisoI&google_cver=1&google_push=AYg5qPLkFB2iG6XqokPOiL6Lp_MTEJI8D-6nu6xsWbXM0YR6HfAn5ykOe95jHpNbaGsVx9cvT21ksQHvsWwoDdoEsRX3onvF-EVg

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649413479.179071,VS0,VE0
x-served-by: cache-hhn4068-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWxBTlpnQUc0end0bVFBLQ==&google_gid=CAESEEevLM5_1bLEyuN-awRisoI&google_cver=1&google_push=AYg5qPLkFB2iG6XqokPOiL6Lp_MTEJI8D-6nu6xsWbXM0YR6HfAn5ykOe95jHpNbaGsVx9cvT21ksQHvsWwoDdoEsRX3onvF-EVg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame CDE4 43 B
64 B 27ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFmRPUoW4VRuadbkpUo5doo&google_cver=1&google_push=AYg5qPIEeSqrLBCQheQAHNugseMBbvn069Fa_oDo5NnrPFVKrKVqyFCu4XVWLCq735suVO2dmlbL__Ema_ERr-dx8UQ4Z1RNkD-g
Requested by: Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: fshsulqgq1i7fu2bjrhtklhoeg9in85c

GET

pixel
cm.g.doubleclick.net/ Frame CDE4
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEKpm5K3BvUOgBALYG_LVB7A&google_cver=1&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CDE4 0
12 B 41ms
40ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCBnQ7SnLxD-lvWIjOMeBMdlaIcNfCLR7m1E3eQWYb4bl-dRMuYzJZ0EDOJjyD5Ko5hhLr

Requested by

Host: 3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
URL: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-26-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 13 KB
14 KB 947ms
947ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-26-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 018c5610d7770f398e198fc787bba85a18a8fbdedb95aa64c3766d610436a9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13233
last-modified: Fri, 08 Apr 2022 03:17:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNP9LD8gTD2t0FjHLwpFWsGW3Fg8RNfanEg26QiUVIF%2FIGTmyOTMgdFbQJ8jgkG21eTchBPPPKt9ZQ0QFLtoXu1x6e28F0zPHsA7ASWGy3evzCdfS9mM2tYE3YUxqyk9RnbeK%2Fz1Cahi%2ByAu4pGeSTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b64eb6f91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A974 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bmz0dZg1QYt25E7KH9fgPx-6pGAAAAAA4AeAEAg&bg=!fH-lfzvNAAZAkm7qYJI7ACkAdvg8Wv9g1CY-6ljbba8aR5bmk0yfPgt21E4WzKPDMm_7aFNimDfJUAIAAAEHUgAAAAJoAQeZAuzt8Z4ke-k_gAEmNieor4YoAwzZPZERzln6h1pvdTwM7qCbVbf1hyOD-0KXSBSuwK0QujXQOwnfGgYpW7i44fX-4V_awzECIgjfDsiyWpyXl03wlfS9J8hAeJnxCdNoTeDURXcKWQX_8_5kbkTuOYmamDBRVeqzGoOSo3EkG_k5AkwTNvc0sC-d9xsqZfhTwWazMHtKarXlUF4iJ-HTtEUMicGTV63IxfkvBWLrdPNeUeATQnoJElHcvTLvFBMyldJlT-8mZFyyAdO0ZFIxZXBVqUdODJ8-uV4njlqIYHOMMBgPBCEFuv9MoqhvpAmztOj7Ct223CAj0i8GAq7m9ZKCj_rlUnHPHzyLHJY2FrpujWO56bkLpZo1nOxf-iLiijUn7SDClRC7142bogNvWP6OBClePgP_9qbAs_pweFIYzG3FKM4yRgS9WN5Y4IXHrbGiL29uMUh5RIrjJQ9-9K0RDRDV73_M7R09-rp1_KfPAhErLlOmYdWKNMhawHlSD9b0hWSjHRnpD1ZhEPBvga8QIS250ymJucED6ZcW1h52kt3yEkIzEBrQhux1UJ2cKJCC9-_o8WtRv0z6ATcDjPd2rxrQvCFVHmqNyA5dCXvh0iixUBTavCpLpI15khR5L8mDua6GwP2HdHZDQXoPX32NPKIuwScA03dDI6FzDFVAVmf46_VQ-UnCMDulz0x0Z7hgouZyQn__r6qcMWpuWSBCLCtvfzpyY_Sz4mN1oGlbbkDh5ig4V8iROzJS3t0YEkirEcATvudqPmllaEzK9GfE4cXDjUcfGKs9cep98odSnsqFnPFIPHpElInNwdSNoQmPYkJTSWcjonlXvuXBrNc3EzB9cltry_oVeaJQkdwG98mRxtvXOU8LXreLh1C8Cfa_jgtQ4kRybxDq_PKKbjdjVqC4VmoESFrpJhgOfCe3x3HDhLYRVSuZGNjYsFzbbcuH_H5KKQw9NigNdSx3aD4Dj7HgXv2fOlUdIBZD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3A8B 1022 B
1 KB 9ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=62132
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 2ae24e28cba41dfa0432235bc4d7baf09dd9395cf9773436556cb206ffe04584

Request headers

Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 496
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 10:24:39 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 paris7-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
8 KB 204ms
203ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/paris7-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24aad7c9688903f80f6b22c21a1c417f0dcc99de20b7eff833db9af5b43b0476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7826
last-modified: Thu, 07 Apr 2022 03:14:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lQfovOcG65x1Vqam%2FE0k%2BTURRlZvRoFGnrYqG%2BKzAjHkex6OaQbArmNswuQqT4UJQNvV8av5znifxL0I0eSjoPmaveJbunnScLX14BfLQl6qe79NwKYkm6SA4sHAG0cRGUfrYqujioDw446W5%2BSxz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b651bb191ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3A8B
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=6126&xuid=86894863-ee3b-4fcb-af53-dfe227f80e40&dongle=9e4f&gdpr

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6126&xuid=86894863-ee3b-4fcb-af53-dfe227f80e40&dongle=9e4f&gdpr
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=6126&xuid=86894863-ee3b-4fcb-af53-dfe227f80e40&dongle=9e4f&gdpr
date: Fri, 08 Apr 2022 10:24:39 GMT
server: _
content-length: 0

GET CookieSyncTripleLift&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 3A8B 0
0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 3A8B 0
330 B 22ms
19ms Image
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 140
match.deepintent.com/usersync/ Frame 3A8B 0
44 B 280ms
90ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/140
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
content-length: 0
server: c

GET
H2

200

xuid
eb2.3lift.com/ Frame 3A8B
Redirect Chain

https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=1%26gdpr_consent=
https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3DQwQpdwph96ba%26dongle%3D8bee%26gdpr%3D1%26gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=2636&xuid=QwQpdwph96ba&dongle=8bee&gdpr=1&gdpr_consent=

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2636&xuid=QwQpdwph96ba&dongle=8bee&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://eb2.3lift.com/xuid?mid=2636&xuid=QwQpdwph96ba&dongle=8bee&gdpr=1&gdpr_consent=
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84dd458cf8-zjmnz
expires: -1

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame 3A8B 49 B
513 B 67ms
13ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4219474492435069871781

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET 9779a491-75d6-4ad2-92bd-2f159c9892ab
www.storygize.net/ccm/ Frame 3A8B 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 3A8B
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=C3BBD50E7BAA4CC084B3C22342CD6624&dongle=yf3

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=C3BBD50E7BAA4CC084B3C22342CD6624&dongle=yf3
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 08 Apr 2022 10:24:39 GMT
x-content-type-options: nosniff
server: nginx
location: https://eb2.3lift.com/xuid?mid=7969&xuid=C3BBD50E7BAA4CC084B3C22342CD6624&dongle=yf3
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 07 Apr 2022 10:24:39 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 3A8B
Redirect Chain

https://ums.acuityplatform.com/tum?umid=23&uid=4219474492435069871781&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3391&xuid=661867446894&dongle=6f30

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3391&xuid=661867446894&dongle=6f30
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

access-control-allow-origin: *
content-length: 0
location: https://eb2.3lift.com/xuid?mid=3391&xuid=661867446894&dongle=6f30

GET
H2

200

xuid
eb2.3lift.com/ Frame 3A8B
Redirect Chain

https://sync.1rx.io/usersync2/triplelift
https://sync.1rx.io/usersync2/triplelift?zcc=1&cb=1649413479979
https://eb2.3lift.com/xuid?mid=4070&xuid=OPTOUT&dongle=2dcc

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4070&xuid=OPTOUT&dongle=2dcc
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=62132
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:40 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=4070&xuid=OPTOUT&dongle=2dcc
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-24-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 14 KB
14 KB 223ms
220ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-24-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa6c46abfebdec844846d8e644e7fe0879476d71b931cc3ce09e489f9f327af7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14094
last-modified: Fri, 08 Apr 2022 01:58:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GHOul260xgifunL64Js28Gm2g692%2FipPzLa4VBGrg9apKKebiCKT33odSGABnJ8zAKRqAmyMwAOvWyM0ZtmUWRQcGurBiJqgfRYl8ynvoNV1vNl5lGKbzbLRDviDgBmFtUuit0Hdie6VGpXoC%2FkcUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b653bed91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 jacks-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 11 KB
12 KB 971ms
971ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/jacks-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b6380085b7872383aa47f365d2b919a2c2f1367e5f9d310e8e7c715e842cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11161
last-modified: Wed, 06 Apr 2022 07:49:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J7lCKTYdgKXqprgL0ozTk7aG%2BPzPDpXOJSniRfzpCCARLSIBgadbqRiqPY3al4NdAmvHMZDlwQ4tcpcnQqpPVNAL2YS3p3kZQhj9ZaPW8Eo%2Bd9%2F2ssBulp%2B%2F020IBhWsm2LAqoTOKwDAryPEEduAWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b655c1691ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-20-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 13 KB
14 KB 210ms
209ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-20-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dfc0ff8819b5be0a6d761a97741ef4a6a92046c96e4cde9fa926320ad2d1fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13288
last-modified: Tue, 05 Apr 2022 13:14:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rsfKqd%2BrBpSWZdnGBuzPktoUtlkuFIVPe4Xs2ybor1CkdvRfPb05ZTOwwU%2FDGtsGvCHP%2FIJ58pV1WaDv%2BP9t7sCFxTBrQYXQDTtj47EDCcTHxXegnMjsAZj9w3MJNLyOkafLc62f9WsWeb2f649TkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b657c3991ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 moomoo-promotion-free-share-1-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
9 KB 222ms
221ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/moomoo-promotion-free-share-1-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938f284e01a1deaf4f9840c88c4aa8d9cfa5f6f20018de59cec2f749a7efd3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8657
last-modified: Thu, 31 Mar 2022 17:11:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78qfdq3u4PxdQSsRAzLatvOjq0zbMJYa5DUyNP7nsckeE3naUPk6hIgRAur%2BE6OmBKXbMTNF%2Fw9epfvHFoNSLQwIeGhhIrHjG%2BRgE%2Fm9EI7PeJOLerkErLcPlfl93vv1RHvl4Z1yiZxPFOUmv7Vz8d8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b658c6191ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 popular-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 11 KB
12 KB 227ms
226ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/popular-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbab134b40516c3b82fcf4ff38e672ffcce14dae999c1df5fe9413c579c3ad07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11730
last-modified: Thu, 07 Apr 2022 02:49:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3bqvvDfaH5dp5Aj3W1N16EQgEofu25MBrd%2FHRsCwlI4P6Ep1TBe1WiXdVWVtU8UgOjfnBVt6cK26ToEZRYMlLvNBAOvx5lxOMt8CHQvXnELyYKtnkV66A%2Ff073ioKHL%2Fo83pIRouqp2XlCdRVZ0OrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b65bca091ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 flowflex-covid-test-kit-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 10 KB
11 KB 978ms
978ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/flowflex-covid-test-kit-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aaa4a2fd868afee5db9268e5ee173ccaf70906fe21b276196e3e338f20cf37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10347
last-modified: Thu, 31 Mar 2022 02:54:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oJruXwnKe5jORH3N%2BDcRJT9m%2FUElato32rPn%2BuVkAvz0Yw5njnYeomqcJeqe4sWKTcqahe9POcDPh1rrzPtgoyzq%2FyHl2moqsq%2F7xP6J34gTYNh%2BMQh8a22kbZEDGbjUTd0vkaSKKhvBTUwYpjty1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b65dcee91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 gojek-promo-code-1-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 10 KB
10 KB 229ms
229ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/gojek-promo-code-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a68049e5184cc74b95460fe324b8dc079af40854352b4b46154fa75cbd450a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9897
last-modified: Tue, 28 Sep 2021 03:10:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26wbEJYjqaVmWMlLV6DSTf6oXmTrihEqmMDhrR%2BholWy2mhBpyqIfvRhKspk76z0Daeh42dwEA2igGsyoGEKSUOBjqzxSWC48ZNBZRCBfcowD5WXMsXKQjQVtwxb61gKvx4cIdEBHYWJfdfJ282F2zc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b664d8f91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 kfc5april-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 13 KB
14 KB 220ms
220ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/kfc5april-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c4bb51eb6ef09479e9ca86e447630ae7be53d0565c996776338feffd36d4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13242
last-modified: Tue, 05 Apr 2022 12:52:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5sude76iwk3VTV9SjFK0k%2FYhayfUqZeFPzyB6361B5SeLS8DPypP47FnaifRnJnJ9XNOGMstajFas8bgmXwJsKml26ryCU7TfFAWilgPWH%2F%2FxI%2FVQrUhVvjDw7S5RW5WOjZYor7flR6Ada1VJvzaC0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b666dba91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 mcdelivery-promo-code-1-for-1-and-more-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 10 KB
11 KB 867ms
866ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/mcdelivery-promo-code-1-for-1-and-more-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa26d93d44c86b5ab2153d300620aa53e709f699eaa277a15d78736557cd42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10354
last-modified: Tue, 29 Mar 2022 02:15:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7bjg95GwYiG9VDrvn3ie9ZZzpBAbPUYzxc%2B8PCPaISAmY0XsC6geFfu%2Bl1DvXrAfZVn6IOisY1yIG%2BhGzYW0dmDaxq4miNMd%2BHuGY1U2SpBdh4%2BP4U%2FIT9MxosuiOH%2FnPFhLnTUityaXD91v3VtbLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b668dde91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 CHARTERIASE28-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 5 KB
6 KB 715ms
714ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/CHARTERIASE28-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1db913e4389546952fdd6c292443d0464d35e3d2ad3402ba43ae5923a9b6ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5168
last-modified: Mon, 28 Mar 2022 12:40:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNxczjUzyIlbKL9RGxtPSA6HJIiMDSc11obyRJlOI7loO%2F6srR9hevdKmxx%2B%2FaYKMXNGS4HlZJ0M2hfanhndOEIJ4wKc4I%2B07Hx3tAAgXwX50c57XD1ASyVK4KsnSeeVerGLK7yWwlfKWKqVL7elpKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b669e0e91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 Coffee-Bean-Menu-Coffee-and-Espresso-Coffee-Menu-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
9 KB 786ms
786ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Coffee-Bean-Menu-Coffee-and-Espresso-Coffee-Menu-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 348315c4386b4a1ee64b946aea378166d8cc348210321fdbb6d19dccb89f14db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8149
last-modified: Sat, 10 Apr 2021 02:58:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fW7a2UU1fpdmRqdx4RRxvKNElVfklysRZkGwq5qZE0K%2B9PX82i1PAT95QPZqVmIQX8sNxvb4wqXm6rQMtE42ri39dU%2Fy%2Fg7n%2FV4HZa5kkdDyH3EQ2xHYx3FoflUwcU%2BI1dI9R4FsmUiCNJ6bZvqpWok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b66be3691ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5B1D 0
17 B 196ms
104ms Ping
image/gif 2a00:1450:4017:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l1qa7521&c=2724209673102&slotId=1362104836551&qqid=CJGemoOghPcCFQ6qdwodSqwFYA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&msm=1&aits=18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220323_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4017:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cedele-218x148.png
www.allsgpromo.com/wp-content/uploads/ 12 KB
12 KB 870ms
870ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/cedele-218x148.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5bc7fd6a48854ff031f84585f3130e6d74461d9919fed97843ddb4f393481c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11862
last-modified: Wed, 02 Feb 2022 04:52:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBD%2B2VVQ2Jlyfnrllv14huHd%2FnxMBhQ09csAucKDD3GvPu9LrTF7bE1K6NcQRg6FjZqsu%2Fglz4E2cwGlmr01LPpox6VWTZ%2B65Vi%2Fyh7VJomigH6PE8lpBx7ZYzsMvNVKm0ejiSPrQm2U18%2F6wfMVAKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b66de5a91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 Cold-Storage-logo-218x147.png
www.allsgpromo.com/wp-content/uploads/ 9 KB
10 KB 225ms
224ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Cold-Storage-logo-218x147.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7b159c9534ad3f612a6988bd7e39010f3c6fd0240ede7791b08b7a42df5467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9512
last-modified: Sat, 05 Mar 2022 08:22:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Brlk2IUt5RMV4qxfW43uNqAHYfKU9t2v1hh%2B1A0UllWDFLihjA4M%2BdhCzn5%2Fi88WCJRcT0N6MX1UFOu%2F1O76KAXiJnm8nTQueDY4OnCN7eLRk0aG62%2F2WK5rrI%2Bkis8L%2BcQQuO1Nmtso%2BfmS3RR4TFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b66fe8591ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 logosocial_awfullychocolate-218x150.png
www.allsgpromo.com/wp-content/uploads/ 6 KB
6 KB 197ms
197ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/logosocial_awfullychocolate-218x150.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2fe3596cd5ccbf866d8a20edcbbe61a4663745d39324a72c749192963d75453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5844
last-modified: Sat, 05 Mar 2022 08:08:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ddm8Q%2Bi0V4l7L5fxa4rN%2BzRappFGV2k%2F0yPAosssM7FhCVVugyS9SmYlaDWi7DjhwMZl5GWubvEHJ3mtXoAmKslVV4VBd4beq3Ju3%2FhTkfngMWxiOMXlX0WZCasS1EBfI5DB6WTvLcC2lA2jBaXRPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b671ea991ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-17-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 8 KB
8 KB 793ms
792ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-17-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa812c159057599e703484c762b9f385db5e5dc30ee5d71a0a05fbd88a1a97fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7851
last-modified: Mon, 04 Apr 2022 04:18:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELvII8zBpk5nGCUV4MEeA1ftPBSvZGXCWa7auE6miBfXe6hQUt5LL1i7tbw4qfWwgmwDrygmM4JOhiub0A%2BRgK2oNChuoY1LX6uQAsfBEvqC0ADQFB7VpIyJA3d6jBYyKBHxZY3jgKuZDtH%2FfFUZQqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b672ed491ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 grab-promo-code-wfo1-1-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 6 KB
7 KB 776ms
776ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/grab-promo-code-wfo1-1-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23779ca3450704884e8ebec4e87ae1821456ab54961ae8de5d28b33201767c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6498
last-modified: Wed, 09 Feb 2022 12:36:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC700oT0PLi4r8T1%2BSyPN3FcnhYl2UAsSt3tRJng6iXf%2B0cguPyrbT8rfi8QPKPRDE5Ss7JEwi3e6Rx29GzMWanD7zxvyuxdlCOLcnarhXifPzB0RLjGNwCnJ461izXqvVFzNI6kuMAcmvxV4zgRjCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b674ef491ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 popular-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 11 KB
12 KB 221ms
221ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/popular-218x150.jpg
Requested by: Host: www.allsgpromo.com
URL: https://www.allsgpromo.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbab134b40516c3b82fcf4ff38e672ffcce14dae999c1df5fe9413c579c3ad07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11730
last-modified: Thu, 07 Apr 2022 02:49:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inH2%2BH9sBNaBpMw6Gv6SaQIMCZmI%2FLiU4pI5E6d9dlCCqGFrM4QMpnLT%2BDP40%2BNws%2BE3nuXlYHZoUm5pZV1lUdJ%2F%2FOkCbvb29rps%2BMZnNSlECGm392ug6gDksCF8c0Usb%2F7%2FxZkW%2F8M5WiiD1WUdxJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b677f3e91ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B868 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEXws1q_iY2crX6ihbckffNHwtjM1oSCDki7B5KZZeA5bNEAOHlnxQOEdX7f-4sGc1whxhbHppQJ2yX1-yfPsxYw&sig=Cg0ArKJSzA38rpZuUlkgEAE&id=lidar2&mcvt=1002&p=233,436,323,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1567859958&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649413477245&rpt=1334&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Promo-Posts-with-John-and-Jarolyn-18-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 12 KB
12 KB 872ms
871ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/Promo-Posts-with-John-and-Jarolyn-18-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2031851ae8d54c8de1aad8605596997201dfd6b27fdc0c36464ba25ffcd4c2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11828
last-modified: Mon, 04 Apr 2022 06:51:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSnL9zqTtMqpDt2Y3Qjqsl91YjYNZiTRMrlmrhK%2Fh3A04Z0lL%2BWLeUKp1oe6Br1vCQLUnLQBCGlXv%2BmJFvcrcltb5MdKTUJmtQ3%2BkQc9RlieIJGKnfStEPHw8LVzfqNa%2FlDNx6w%2F7wryRyHk9FGXIt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b67af8191ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 uob-logo-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 4 KB
5 KB 780ms
780ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/uob-logo-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 336ceb4b8840ce4e45e3f6475c3f16decdbba02ce25fdd54c184db2f39f0e371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4383
last-modified: Sat, 13 Nov 2021 15:51:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RE1mHG3%2FZ2hHjaQ4EukwcJb%2BWKeu%2F5MEmazM9XXPr8QNl3LItu7UXluVxJbPdQnBs48%2FC49KN%2BDIPjSceqGy4rDH1wQid15JvIMtlLhljySYyemOzeH0chyYV4acjuiXvwiQJa5M8CB9p4gOdxkBhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b67dfc691ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H3 200 xingfutangapr3-218x150.jpg
www.allsgpromo.com/wp-content/uploads/ 7 KB
8 KB 711ms
711ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.allsgpromo.com/wp-content/uploads/xingfutangapr3-218x150.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deee21662411ee0483dd9460a51ddeaffeee830b5a7898fb2ed9d5963e400a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.allsgpromo.com/kfc-promo-menu-delivery/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: d NC:000000 UP:SKIP_CACHE_PRIVATE
host-header: 6b7412fb82ca5edfd0917e3957f05d89
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7124
last-modified: Sun, 03 Apr 2022 03:30:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=792NN7R%2FM%2FYbMY7oH%2BUBELh3wqjSoEGr%2BHvliraSimdEJCsTOxbrRsgwX30zdMxp2enyMcxev9a5B8qfH5YsqN8A2wJ3moaw8b9aiHFuMilYAEm1mj0raOGQO9suwbQ5qaffHVXqe36%2FmQTbToTG%2FrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-httpd: 1
cache-control: private, max-age=10368000, public
accept-ranges: bytes
cf-ray: 6f8a4b68185391ff-FRA
x-proxy-cache: MISS
expires: Sat, 06 Aug 2022 10:24:40 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 06F3 3 KB
2 KB 27ms
7ms Document
text/html 69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Apr 2022 10:24:39 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 3F4A 0
91 B 44ms
38ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 08 Apr 2022 10:24:39 GMT
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9807 52 KB
17 KB 28ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 18193
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 08 Apr 2022 10:24:39 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 07 Apr 2022 05:21:24 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 3, 389939
X-Served-By: cache-lga21973-LGA, cache-hhn4036-HHN
X-Timer: S1649413480.735021,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 78C3 15 KB
6 KB 38ms
7ms Document
text/html 69.192.160.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-199.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.allsgpromo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=72328
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 08 Apr 2022 10:24:39 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 09 Apr 2022 06:30:07 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame C7E8 2 KB
3 KB 18ms
18ms Document
text/html 69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 09f7f477153e084e63b7358a23cf7f7e12ce89c55e124e8767abd074e5087d6e

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1716
Content-Type: text/html
Date: Fri, 08 Apr 2022 10:24:39 GMT
Dropped-Udsids: 241|230|39|45|65|46|73|26
Expires: Fri, 08 Apr 2022 10:24:39 GMT
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache
Vary: Is-Traffic-Usersync

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9807 0
735 B 34ms
34ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 656613aa-d110-4633-a807-10cc2b23374e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 78C3 3 KB
4 KB 15ms
14ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84657404&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e9c46d58343a80c129a905acf8ef264eda8857c1b9bb279084625fa39a7f6889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET dcm
s.amazon-adsystem.com/ Frame C7E8 0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame C7E8 170 B
188 B 43ms
43ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame C7E8 70 B
264 B 31ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C7E8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YlANZtc5ecG1qqRyJTqAGwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHx9toTi79lDR0eXmZoDuAQ&google_cver=1&gdpr=1

43 B
999 B

19ms
18ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHx9toTi79lDR0eXmZoDuAQ&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 08 Apr 2022 10:24:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHx9toTi79lDR0eXmZoDuAQ&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame C7E8
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649499879&gdpr=1

43 B
315 B

38ms
11ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649499879&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 08 Apr 2022 10:24:39 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649499879&gdpr=1
pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame C7E8 0
0 61ms
31ms Image
text/html 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C7E8 43 B
987 B 36ms
35ms Image
image/gif 2a05:d018:d29:3601:4405:fc16:ad1d:f00e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:4405:fc16:ad1d:f00e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame C7E8 0
99 B 46ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YlANZtc5ecG1qqRyJTqAGwAA%261109
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13633

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame C7E8 43 B
425 B 13ms
13ms Image
image/gif 69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YlANZtc5ecG1qqRyJTqAGwAA%261109
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.allsgpromo.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 10:24:39 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2254
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 08 Apr 2022 11:02:13 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 1862 35 B
467 B 20ms
20ms Document
image/gif 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=B1141A52-9440-4D0D-8302-A5253DDF5731

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 08 Apr 2022 10:24:39 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2BF8
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2752972302389155323

42 B
210 B

16ms
16ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2752972302389155323
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 08 Apr 2022 10:24:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: amspug007:0:410

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2752972302389155323
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6A53
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f806250-0d66-4400-93ec-4559660112c1&gdpr=0&gdpr_consent=

42 B
339 B

63ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f806250-0d66-4400-93ec-4559660112c1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 08 Apr 2022 10:24:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug030:0:391

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 08 Apr 2022 10:24:39 GMT
Expires: Fri, 08 Apr 2022 10:24:38 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4335 2c68c00 master zrh-pixel-x30 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f806250-0d66-4400-93ec-4559660112c1&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2FE1 43 B
363 B 52ms
14ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 10:24:39 GMT
expires: Fri, 08 Apr 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 473661
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0EC1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084176945600657557

42 B
229 B

63ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084176945600657557
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 08 Apr 2022 10:24:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug028:0:420

Redirect headers

Connection: keep-alive
Date: Fri, 08 Apr 2022 10:24:39 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7084176945600657557
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BFAF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlANZgAG4zwtmQA-&gdpr=0&gdpr_consent=

1 B
548 B

67ms
15ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlANZgAG4zwtmQA-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Fri, 08 Apr 2022 10:24:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx
x-lat: lhrpug010:0:334

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Fri, 08 Apr 2022 10:24:39 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YlANZgAG4zwtmQA-&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4068-HHN
x-timer: S1649413480.819307,VS0,VE0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 78C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sRQaUpRATQ2DAqUlPd9XMQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

7ms
7ms

Image
text/html

69.192.160.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-199.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=72328
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sat, 09 Apr 2022 06:30:07 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2f806250-0d66-4400-93ec-4559660112c1

0
260 B

80ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2f806250-0d66-4400-93ec-4559660112c1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 08 Apr 2022 10:24:39 GMT
Server: MT3 4335 2c68c00 master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2f806250-0d66-4400-93ec-4559660112c1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Apr 2022 10:24:38 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 78C3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=B1141A52-9440-4D0D-8302-A5253DDF5731
https://spl.zeotap.com/?zdid=1332&zcluid=05ab061a5d6b969b
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e73d1edd-ef90-45d0-5ae4-764d8167d07b&reqId=6a34747e-f886-4d36-6ee1-384647c16cee&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESELheIIb5PqtuscadEYGs60I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e73d1edd-ef90-45d0-5ae4-764d8167d07b&reqId=6a34747e-f886-4d36-6ee1-384...

95 B
187 B

37ms
26ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESELheIIb5PqtuscadEYGs60I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e73d1edd-ef90-45d0-5ae4-764d8167d07b&reqId=6a34747e-f886-4d36-6ee1-384647c16cee&zcluid=05ab061a5d6b969b&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6f8a4b6a2af69c07-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESELheIIb5PqtuscadEYGs60I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=e73d1edd-ef90-45d0-5ae4-764d8167d07b&reqId=6a34747e-f886-4d36-6ee1-384647c16cee&zcluid=05ab061a5d6b969b&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjExNDFBNTItOTQ0MC00RDBELTgzMDItQTUyNTNEREY1NzMx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
188 B

25ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 03:13:56 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0028:0:514
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdU2iAezYSf0yYC2BHzleU&google_cver=1

42 B
438 B

24ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdU2iAezYSf0yYC2BHzleU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:491
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDdU2iAezYSf0yYC2BHzleU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 78C3 43 B
409 B 17ms
13ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 07 Apr 2022 10:24:39 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1566099439101202399

42 B
233 B

50ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1566099439101202399
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug027:0:602
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1566099439101202399
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83a2d2c7-4b8b-40d5-801c-1e95dd3105ce

42 B
292 B

16ms
15ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83a2d2c7-4b8b-40d5-801c-1e95dd3105ce
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:557
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=83a2d2c7-4b8b-40d5-801c-1e95dd3105ce
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8967287953539117079&gdpr=0&gdpr_consent=

42 B
391 B

15ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8967287953539117079&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-store, no-cache, private
x-lat: amspug016:0:373
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:39 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f80c4195-71ab-43f7-ad02-f748b30d92cd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8967287953539117079&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi

42 B
623 B

55ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 03:11:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:382
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 B1141A52-9440-4D0D-8302-A5253DDF5731
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 78C3 43 B
987 B 35ms
33ms Image
image/gif 2a05:d018:d29:3601:4405:fc16:ad1d:f00e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/B1141A52-9440-4D0D-8302-A5253DDF5731?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:4405:fc16:ad1d:f00e Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B1141A52-9440-4D0D-8302-A5253DDF5731&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1U1wFe9E2uUfjCs_Unp.RnNS5xk2YPY-~A&gdpr=0&gdpr_consent=

0
48 B

47ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1U1wFe9E2uUfjCs_Unp.RnNS5xk2YPY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1U1wFe9E2uUfjCs_Unp.RnNS5xk2YPY-~A&gdpr=0&gdpr_consent=
date: Fri, 08 Apr 2022 10:24:39 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 78C3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://px.adhigh.net/p/cm/bsw?u=3933f39e-a207-47cd-a484-f33a661bc697&bidswitch_ssp_id=pubmatic
https://px.adhigh.net/p/cm/bsw?u=3933f39e-a207-47cd-a484-f33a661bc697&bidswitch_ssp_id=pubmatic&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=6W86yAEpDHh.AikABlGACLReEQ&expires=30&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3933f39e-a207-47cd-a484-f33a661bc697&gdpr=&gdpr_consent=&gdpr_pd=

1 B
337 B

16ms
16ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3933f39e-a207-47cd-a484-f33a661bc697&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:40 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug024:0:560
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3933f39e-a207-47cd-a484-f33a661bc697&gdpr=&gdpr_consent=&gdpr_pd=
Date: Fri, 08 Apr 2022 10:24:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7401 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBntLQ1NuM0mHRbAymOzvSj-TnSH3NfZAs5dxx9SnxjY3zwu9s32HZYfs4d-Ni1-1pSY6wWHnLKrsiaLPdU1YUCCuXY1_Ks5O9FgNr2R9-kzidL2XlfQ&sai=AMfl-YQ9wBJnBToTFh2xi_TwG1BThdlLCzHQtQCGijzGapleRQwF58koRC8L5LeUBYqZbJf3IivQpnOuDlAM7uMHJqEpihMLepnz9d0NMSyKIMLUE2uNps2pxR_pjGf4&sig=Cg0ArKJSzFtGqUqK4_eIEAE&cid=CAASF-Rovbp695ImF8R0Yo0D23ZFlxXfbd3b&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,803,1000,1000,1000&tos=0,803,197,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649413478346&rpt=499&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 10:24:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9807 0
735 B 13ms
13ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 10:24:40 GMT
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 051d78df-bb26-4321-8a18-4b3b89dde63c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 78C3 0
128 B 22ms
15ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 10:24:41 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEFlLJe5ktwQKjz57NK97iNY&google_cver=1&google_push=AYg5qPL49qruLRxcXcAnkL1y3ZJQOArHDeZ7F9poL85xMyO7ts2M80c1PIyVEr-QtmyJxUzn732U_rv8AG-MRpODhriiBaDLfw

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4219474492435069871781

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1

Domain: sync.hgrtb.com
URL: https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7

Domain: usersync.getpublica.com
URL: https://usersync.getpublica.com/usermatch?provider=triplelift&TripleLiftID={$UID}

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=1&gdpr_consent=

Domain: www.storygize.net
URL: https://www.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB

Verdicts & Comments Add Verdict or Comment

516 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 04:19:49	Name: sync Value: CgoIgAIQvbTRxYAwCgoIgQIQ17HRxYAwCgoIggIQvbTRxYAwCgoIhwIQ17HRxYAwCgkICRDXsdHFgDAKCQhJEOax0cWAMAoJCAsQ17HRxYAwCgoIiwIQnrbRxYAwCgoIjAIQ17HRxYAwCgoIjgEQ5rHRxYAwCgoIzgEQ5rHRxYAwCgkIDhCettHFgDAKCgiPAhC9tNHFgDAKCgiQAhCettHFgDAKCgiRAhDmsdHFgDAKCgiSAhDmsdHFgDAKCgiUAhDmsdHFgDAKCgiVAhCettHFgDAKCgjWARDmsdHFgDAKCgiWAhC9tNHFgDAKCgiaARCettHFgDAKCQgbEOax0cWAMAoKCJ0CEJ620cWAMAoKCN4BEL200cWAMAoJCF8Q17HRxYAwCgkIHxDmsdHFgDAKCgihARDXsdHFgDAKCgjiARDXsdHFgDAKCgiiAhC9tNHFgDAKCgjjARC9tNHFgDAKCQgkEJ620cWAMAoKCOYBENex0cWAMAoKCOcBEL200cWAMAoJCHMQvbTRxYAwCgoIuAEQnrbRxYAwCgkIORDmsdHFgDAKCQg6ENex0cWAMAoKCPsBEJ620cWAMAoKCP8BEL200cWAMAoJCD8QnrbRxYAw
www.kfc.com.sg/	1970-01-20 02:20:18	Name: AWSALBCORS Value: yVQt2u4l1cUtb72GXU/CqieFjnepYIzPaMDr98x3pwF3daic/bClJlIzCA5gy/lYoJtj8eU9regQZbxfyKa2/DFQS6zYPXk7z8prwuvQXUTapbvif/yULTTTXqTb
.allsgpromo.com/	1970-01-20 04:19:49	Name: _fbp Value: fb.1.1649413475755.1800957598
www.allsgpromo.com/	1970-01-20 02:53:25	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.allsgpromo.com/	1970-01-20 11:31:49	Name: cto_bidid Value: ww8FYV9tSHAxdThWNXN6bCUyQkQybnNWbUlUbmRHb0dVTEk0d0l3WmJpRU16Zm4xMDhPJTJGWkplJTJGMEMxcm0yUWRxWVFkUjhsTElQbyUyQkElMkJHJTJCaUM1OXpXYzNDQzlFZyUzRCUzRA
www.allsgpromo.com/	1970-01-20 11:31:49	Name: cto_bundle Value: 57TvIl9WNHA2YXBGOURBVFh0SmVTN0QxSEowVnp5ajB4SHVtb01ROFc4SGlONSUyQjdUQXZ2NVY1U050eXdabnRJMDhlT1dhc2FsaFNPb3JpQkpKQUhGRUo0UFB6clJCb2xVQlllcEI5RUc5cm53ZHJ6TDd2UjJGaWU5VkdHRnFXdk0wVzdS
.allsgpromo.com/	1970-01-20 19:41:25	Name: _ga_2Z5XGZ7663 Value: GS1.1.1649413477.1.0.1649413477.0
.allsgpromo.com/	1970-01-20 19:41:25	Name: _ga Value: GA1.2.423034769.1649413477
.allsgpromo.com/	1970-01-20 02:11:39	Name: _gid Value: GA1.2.642199782.1649413477
.allsgpromo.com/	1970-01-20 02:10:13	Name: _gat_gtag_UA_167532065_1 Value: 1
.3lift.com/	1970-01-20 04:19:49	Name: tluid Value: 4219474492435069871781
.quantserve.com/	1970-01-20 11:40:27	Name: mc Value: 62500d66-4924b-b2148-c2628
.casalemedia.com/	1970-01-20 10:55:49	Name: CMID Value: YlANZtc5ecG1qqRyJTqAGwAA
.casalemedia.com/	1970-01-20 04:19:49	Name: CMPS Value: 3276
.blismedia.com/	1970-01-20 10:55:53	Name: b Value: 62500D66EC068ED6E0B72419BLIS
.casalemedia.com/	1970-01-20 04:19:49	Name: CMPRO Value: 1109
.adfarm1.adition.com/	1970-01-20 04:19:49	Name: UserID1 Value: 7084176945600657557
.simpli.fi/	1970-01-20 10:57:15	Name: suid Value: C3BBD50E7BAA4CC084B3C22342CD6624
.adform.net/	1970-01-20 02:53:25	Name: C Value: 1
.adform.net/	1970-01-20 03:36:37	Name: uid Value: 1566099439101202399
.w55c.net/	1970-01-20 11:39:01	Name: wfivefivec Value: odET4GZ41NCLNc5
.bidswitch.net/	1970-01-20 10:55:49	Name: tuuid Value: 3933f39e-a207-47cd-a484-f33a661bc697
.bidswitch.net/	1970-01-20 10:55:49	Name: c Value: 1649413478
.bidswitch.net/	1970-01-20 10:55:49	Name: tuuid_lu Value: 1649413478
.w55c.net/	1970-01-20 02:53:25	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-20 10:56:11	Name: A3 Value: d=AQABBGYNUGICEJhuR6eHea_PtErhuk-eWBIFEgEBAQFeUWJZYgAAAAAA_eMAAA&S=AQAAAtA6MkjDR3-c_vIoHGItrdI
.pubmatic.com/	1970-01-20 04:19:49	Name: KADUSERCOOKIE Value: B1141A52-9440-4D0D-8302-A5253DDF5731
.bidswitch.net/	1970-01-20 02:10:13	Name: google_push Value: AYg5qPKAqscy65gosVLwByCDw99xm1EXMtzIxxvVoAtbjsq78r-_f9vqTCOG6lIzrrQ_rfUCK9pIevTsmrXb1s5TVoV-7VvykH9F
.turn.com/	1970-01-20 06:29:25	Name: uid Value: 2817430926646925320
.adnxs.com/	1970-01-20 04:19:49	Name: uuid2 Value: 8967287953539117079
.mathtag.com/	1970-01-20 11:36:08	Name: uuid Value: 2f806250-0d66-4400-93ec-4559660112c1
.bing.com/	1970-01-20 11:31:49	Name: MUID Value: 1A7187EE4BC9645D288F966E4A1B6537
.everesttech.net/	1970-01-20 10:55:49	Name: everest_g_v2 Value: g_surferid~YlANZgAG4zwtmQA-
.doubleclick.net/	1970-01-20 11:31:49	Name: IDE Value: AHWqTUkqmcy8ZLcphAvY-jPZXJusGZ_d4FrNyScGmTYejiGDQfxK97L6LHfauTXZ3z8
.agkn.com/	1970-01-20 10:55:49	Name: ab Value: 0001%3AoBvQCw8k65opqvWhGn0QbNRksQarbSaf
.agkn.com/	1970-01-20 10:55:49	Name: u Value: C\|0CEAp4snmKeLJ5gAAAAAAAQ13AQCAAQpAAAAAAA
.allsgpromo.com/	1970-01-20 11:31:49	Name: __gads Value: ID=a6975e9cbe2fd797:T=1649413477:S=ALNI_MZAPuyLFaBK4AQJZYnPH47dOjDyZQ
.mfadsrvr.com/	1970-01-20 19:41:25	Name: c Value: 1649413478
.mfadsrvr.com/	1970-01-20 19:41:25	Name: tuuid_lu Value: 1649413478
.mfadsrvr.com/	1970-01-20 19:41:25	Name: tuuid Value: 02dc9b05-8f6a-45c2-bc9a-90660d99cd5c
.bidr.io/	1970-01-20 11:38:47	Name: bitoIsSecure Value: ok
.bidr.io/	1970-01-20 11:38:47	Name: bito Value: AABpgE7EoBsAADWG_-LNRg
.innovid.com/	1970-01-20 04:19:49	Name: uuid Value: 7b686634-291e-469d-a3e2-d183781e70e1-20220408 06:24:38
.mfadsrvr.com/	1970-01-20 19:41:25	Name: ssh Value: !triplelift,1649413478
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:42:07	Name: bcookie Value: "v=2&74c4247b-63f9-4a87-805a-37dafaab3af5"
.linkedin.com/	1970-01-20 19:37:52	Name: li_gc Value: MTswOzE2NDk0MTM0Nzg7MjswMjGoXGJzee+3WQg7WE1P5kF+jdXfOljOri1MseUpofJO8A==
.linkedin.com/	1970-01-20 02:11:39	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2280:u=1:x=1:i=1649413478:t=1649499878:v=2:sig=AQHzWfwIWhVuRJuw6h2cQZKeGM6PvCP8"
.travelaudience.com/	1970-01-20 11:39:01	Name: _tracker Value: %7B%22UUID%22%3A%2213A26ECB-68B6-4539-A88D-70DB35922ADD%22%7D
.doubleclick.net/	1970-01-20 02:10:17	Name: DSID Value: NO_DATA
.w55c.net/	1970-01-20 02:53:25	Name: matchtriplelift Value: 5
.mathtag.com/	1970-01-20 02:53:25	Name: mt_mop Value: 4:1649413478
.acuityplatform.com/	1970-01-20 10:55:49	Name: auid Value: 661867446894
.acuityplatform.com/	1970-01-20 10:55:49	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjP6jXVzZXJNYXRjaGluZ0lkJK6RbGFzdERyb3BUaW1lTWlsbGlzJQFAAhZGD7aYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBQAIWRg+2j3RoaXJkUGFydHlVc2VySWRVNDIxOTQ3NDQ5MjQzNTA2OTg3MTc4Mfv7hnZlcnNpb27C+w=="
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4bcf9be0c7a6adac
.creativecdn.com/	1970-01-20 10:55:49	Name: u Value: EBpP5WFsaY1LqQ1Tyhpy
.creativecdn.com/	1970-01-20 10:55:49	Name: ts Value: 1649413479
.tribalfusion.com/	1970-01-20 04:19:49	Name: ANON_ID Value: a3nseFM0inh9PBmSUT9CCtZc7vZdP1Xslj42XsohLGtKbYFdWh4VWaEMOvqS8DcivxOxqPl0ysfvVxAIZcLTjZcY
.casalemedia.com/	1970-01-20 02:11:39	Name: CMST Value: YlANZmJQDWcA
.pubmatic.com/	1970-01-20 04:19:49	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 02:11:39	Name: pi Value: 158497:3
.pubmatic.com/	1970-01-20 04:19:49	Name: DPSync3 Value: 1650585600%3A197_219_201%7C1649462400%3A174
.pubmatic.com/	1970-01-20 04:19:49	Name: SyncRTB3 Value: 1650672000%3A35%7C1650585600%3A3_71_54_22_161_7_8_220_21_13_56%7C1650240000%3A63%7C1649980800%3A223%7C1651968000%3A203
.quantserve.com/	1970-01-20 04:19:49	Name: d Value: EDwBFQHtJYEO-TDr34MA
.adsrvr.org/	1970-01-20 10:55:49	Name: TDID Value: 83a2d2c7-4b8b-40d5-801c-1e95dd3105ce
.analytics.yahoo.com/	1970-01-20 10:55:49	Name: IDSYNC Value: 18z8~247m
.onaudience.com/	1970-01-20 10:55:49	Name: cookie Value: 05ab061a5d6b969b
.onaudience.com/	1970-01-20 02:11:39	Name: done_redirects219 Value: 1
.adsrvr.org/	1970-01-20 10:55:49	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjWiNzYgNXMOhAFGAUgASgCMgsIrpa9hZfVzDoQBTgB
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_153 Value: 1923-lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi&KRTB&19420-lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi&KRTB&22979-lCxQspJ6U7SPKlywlnxI4JAvUbqPfVe0kCauesAi
.pubmatic.com/	1970-01-20 04:19:49	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_80 Value: 22987-CAESEDdU2iAezYSf0yYC2BHzleU&KRTB&16514-CAESEDdU2iAezYSf0yYC2BHzleU&KRTB&23025-CAESEDdU2iAezYSf0yYC2BHzleU
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_57 Value: 22776-8967287953539117079&KRTB&23339-8967287953539117079
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_218 Value: 4056-YlANZgAG4zwtmQA-&KRTB&22978-YlANZgAG4zwtmQA-&KRTB&23194-YlANZgAG4zwtmQA-&KRTB&23209-YlANZgAG4zwtmQA-
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_1101 Value: 23040-7084176945600657557
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_27 Value: 16735-uid:2f806250-0d66-4400-93ec-4559660112c1&KRTB&16736-uid:2f806250-0d66-4400-93ec-4559660112c1&KRTB&23019-uid:2f806250-0d66-4400-93ec-4559660112c1&KRTB&23208-uid:2f806250-0d66-4400-93ec-4559660112c1
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_391 Value: 22924-1566099439101202399&KRTB&23263-1566099439101202399
.casalemedia.com/	1970-01-20 10:55:49	Name: CMRUM3 Value: 2762500d670b40&4162500d6705a0&2e62500d6705a0&e662500d672760&1a62500d6705a0&4962500d6705a0&f162500d6705a0&2d62500d672760CAESEHx9toTi79lDR0eXmZoDuAQ
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_377 Value: 6810-83a2d2c7-4b8b-40d5-801c-1e95dd3105ce&KRTB&22918-83a2d2c7-4b8b-40d5-801c-1e95dd3105ce&KRTB&23031-83a2d2c7-4b8b-40d5-801c-1e95dd3105ce
.de17a.com/	1970-01-20 10:48:37	Name: guid2 Value: 1.2752972302389155323
.realestate.com.au/	1970-01-25 20:29:45	Name: mid Value: 14200306853079955
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_336 Value: 5844-2752972302389155323
.zeotap.com/	1970-01-20 10:55:49	Name: zc Value: e73d1edd-ef90-45d0-5ae4-764d8167d07b
.zeotap.com/	1970-01-20 02:11:39	Name: zsc Value: %CDSI%B7%1B3%9E%EF%07%172%DF%BB%DAT%12%B3%D8%98U%24%87%08%B8m%CF%BD%7B%FC%85%2Bhs%7F%F8%2F%E6%F1%02%C9W%9C%E0%D5dz%9E%A5%A8+%F6EC%EC%C9%94%15%8Ejp%F1%C7%3D6X%C7%06%9D%E2x%2F%FD%1F%3DE%E7%BE%0Fk%D7%BB%D11
.adhigh.net/	1970-01-20 10:55:49	Name: gi_u Value: 6W86yAEpDHh.AikABlGACLReEQ
.adhigh.net/	1970-01-20 10:55:49	Name: bsw_sync Value: jkl
.pubmatic.com/	1970-01-20 02:53:25	Name: KRTBCOOKIE_466 Value: 16530-3933f39e-a207-47cd-a484-f33a661bc697
.pubmatic.com/	1970-01-20 02:53:25	Name: PugT Value: 1649413480
.realestate.com.au/	1970-01-20 10:55:49	Name: External Value: %2FTRIPLELIFT%3D4219474492435069871781%2F_EXP%3D1680949479%2F_exp%3D1680949480
.pubmatic.com/	1970-01-20 02:53:25	Name: SPugT Value: 1649413481

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/(Line 5) Message: <link rel=preload> has an invalid `href` value
network	error	URL: https://www.allsgpromo.com/wp-content/themes/Newspaper-child/js/my-script.js?ver=1.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/(Line 4) Message: A preload for 'https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7357824870962864' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220406/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16904606310113557412/DAH_728x90_Hamburg/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4219474492435069871781 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4219474492435069871781 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4219474492435069871781 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4219474492435069871781 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent= Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://www.allsgpromo.com/kfc-promo-menu-delivery/ Message: The resource https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7357824870962864 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEPiCjMf1SIx9inb10Jr4TdA&google_push=AYg5qPKG9Bba_91ZtSRQVjAZlA2AgTFA5GYPUbqn_7giR4UBmFt76hHnCIP8yeOX1IJ6Y2pOPYih0ahPDO6n-Lpjtj2bdW4ttA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIBkSNWfZK6DLFacksCmTcI&google_push=AYg5qPL4AeIoSvn8I9TuHJEFzPCvU5TkFoobBPwwNdlnetMZbURLR0jrYPr7gdbcbnso-HBu97XuYDhYop9bmoaidhLUtB6ciNUt&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlANZtc5ecG1qqRyJTqAGwAABFUAAAAB&google_gid=CAESEIAXJ8tdHUJJY6yHSVFTgJg&google_push=AYg5qPJ_f_IFQ8tu7A5LJfJjiemR40JiBxxL0FjOM_GZhkVk8XeiJF6AQaz-isrsxcr5hKruhxqYKdp3Owq_rCQBgozjlJxq8mE&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLyY1QBTC39Bs9-9c5OHJHNhh5BevvOrgFjnxCHwZbniPPHzPOoItuHU28dgFmNzsU2nGJ01VL1T3qZcve59CuKWFNe8NQD Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3bb94e96a08a48369511773e5fda49cf.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adasia-d.openx.net
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
anymind360.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bh.contextweb.com
bid.g.doubleclick.net
bttrack.com
buttons-config.sharethis.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
count-server.sharethis.com
csi.gstatic.com
csync.loopme.me
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google2waycm.netmng.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
kfcdelivery.com.sg
l.sharethis.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
platform-api.sharethis.com
platform-cdn.sharethis.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prg.smartadserver.com
px.adhigh.net
px.ads.linkedin.com
r4---sn-5hnekn7l.c.2mdn.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sasinator.realestate.com.au
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
triplelift-match.dotomi.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us.creativecdn.com
usersync.getpublica.com
widgets.zemanta.com
www.allsgpromo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kfc.com.sg
www.storygize.net
x.bidswitch.net
zem.outbrainimg.com
cm.g.doubleclick.net
google2waycm.netmng.com
rtb.adentifi.com
s.amazon-adsystem.com
sync.hgrtb.com
sync.ipredictive.com
sync.srv.stackadapt.com
usersync.getpublica.com
www.storygize.net
13.248.245.213
141.226.228.48
142.250.184.194
142.250.185.162
143.204.98.115
143.204.98.52
143.204.98.73
151.101.114.132
151.101.130.132
151.101.193.108
151.101.66.49
154.59.122.79
169.197.150.8
169.50.137.184
178.162.133.149
178.250.2.146
178.250.2.151
185.184.10.30
185.29.132.245
185.33.220.244
185.33.223.38
185.64.189.110
185.64.189.112
185.64.190.80
192.132.33.46
193.232.150.43
198.148.27.139
198.47.127.19
198.47.127.20
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.44
213.227.153.223
23.32.59.34
23.88.75.186
2600:9000:2038:7c00:1d:85c3:6640:93a1
2600:9000:2156:7e00:c:abe:f440:93a1
2600:9000:2156:8400:1b:5138:8a40:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:8a9
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2016
2a00:1450:400c:c0b::9b
2a00:1450:400e:a::9
2a00:1450:4017:80b::2003
2a02:2638::1c
2a02:fa8:8806:16::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::645
2a05:d018:d29:3601:4405:fc16:ad1d:f00e
2a05:d01c:1d8:8100:8701:aae2:1118:ca9
2a06:98c1:3121::7
3.121.30.106
3.122.208.3
3.123.205.63
3.126.56.137
3.126.87.72
3.127.31.227
3.33.220.150
34.246.234.200
34.96.105.8
34.98.64.218
35.186.253.211
35.190.0.66
35.213.176.211
37.157.6.242
51.210.112.63
52.29.167.104
52.77.9.191
52.94.223.167
54.155.81.83
54.206.226.14
54.216.37.155
64.202.112.159
66.102.1.154
66.155.71.149
69.173.144.165
69.192.160.199
69.192.160.245
81.17.55.99
85.114.159.118
018c5610d7770f398e198fc787bba85a18a8fbdedb95aa64c3766d610436a9b9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09f7f477153e084e63b7358a23cf7f7e12ce89c55e124e8767abd074e5087d6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f8bfec79bef0a7e60cea9a19a496e8c6be6f83ab1433f20a46c7248f48d7860
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1130932ff6d124e7c198d0d38828babe0acc71dc581fc7eb8ac6928e0a98e833
114b59212bd82e0ad5cd21a7c390c4c8a0c96eddbb64e1d98b232319a4580c5d
12c3578c27da2c762273ea03ff88dcf3c87b6203a543273a72e99a43dfb33b79
15f5cf87217c09015273a80344bb19564689373d94af3e4e83700710420a5d84
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a333f48c0f960672f275d26f855262b88b8c6ddaa189e2f975616ef525c2600
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1d0c242e40e62548f73ad41c48c1e8cb77a89e594c22a20496a66827584d468b
1dd0662413a706f1557f13391648f54cf04c0728bca7054c5bab67daee5796e5
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2031851ae8d54c8de1aad8605596997201dfd6b27fdc0c36464ba25ffcd4c2c2
20c4bb51eb6ef09479e9ca86e447630ae7be53d0565c996776338feffd36d4b6
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
215ad0c70556c67a1466be322992ea25c2285da98e93253ff5a38febe0d57a09
21b6380085b7872383aa47f365d2b919a2c2f1367e5f9d310e8e7c715e842cf1
2220d9b068b7b80b7f4be1e1f9c6fd70792ab4f3ee0df6034cafe7071f0c263e
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
2321264d58ba338457f68a31ce45a1bee00b682e1762d7a148fe852090178f03
23779ca3450704884e8ebec4e87ae1821456ab54961ae8de5d28b33201767c76
24aad7c9688903f80f6b22c21a1c417f0dcc99de20b7eff833db9af5b43b0476
2912611f80b2d3d6d6fb3129005efca9959f7851f57868bc36028ed4e304e9ae
2aaf4834790d845b983715189694e17e3adb575974630bfc83e79ef616ac55b0
2ae24e28cba41dfa0432235bc4d7baf09dd9395cf9773436556cb206ffe04584
2da9c835e375178d8bfaec2335e8f15c5563179dcb2f8114a2e1a2f0b6d3bef8
2dee22a319ee6dc63a27b7bff3a646be3cf58512010b30cb3dd693109f045c51
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2fd84359cf364d24241132c68c1129ccee8214f2352c916e5f8fab6bbd7795bb
30e7a5e36892cb2b68c26ff4e8352b1106707bd9e589fb07729ef7107539a287
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
336ceb4b8840ce4e45e3f6475c3f16decdbba02ce25fdd54c184db2f39f0e371
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
348315c4386b4a1ee64b946aea378166d8cc348210321fdbb6d19dccb89f14db
351c770059b67522894025a987727eb0b98ed9f8b58f2757dd68086f5e82abbd
35a5cb2b1cac98c6c1b0f5fd601f48d4511533f383310a84c90da166a080bd6e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36dc02496a0b56bba80de68710f1a070f9e1b5e3bfa9884648c4a4ab22f5aa01
37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f
38a87059d0aabe17ea975569e0c2f1c02918a3ab8e9aa6e2b1c7045b3cddf7d9
3a6cc40ffcf687ad5644518311b11f07b2780278f14ee90f34daca8177f99332
3aaa4a2fd868afee5db9268e5ee173ccaf70906fe21b276196e3e338f20cf37a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c120a2893e28999493141f3aadaae814833818ac498a09cd6de874763d70d49
3cef8b381fff72ad59cd4dbb5752a71f9e4b600a5e84d1788416e1bcdbc695b1
3d0c4c0e977da398ee0bacdf66095b167cce4540db78fa4b482a1d7322d25add
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd383de2396c56e58e7ca6886438f66b07201f680485783b5794180bafc9e6a
4007f2f1679d321eb40023d03d99d30899145bfd402fc7be5abdd50ad41f4035
401ae8992f4231d8b0c3d056aa8f1a8f4fbf9e500845c2676a95ced2f963d9b8
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
41ab23a1587790795ac5fdf093aae7652818d606b97ab2b932a5f773712ccf7a
420a4aae942bf5f8f03c42cec8b89719e652649a61d84050223a2f03aaaef12f
429e67c8702087ee430a8b685c8b1832f2fb949d507a572ab1a871695602d630
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49adad57c43159e3b07daf3f0ae19e1f31d973bc3859ec4dcb647784f0677736
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e07ac69c769c8e081772b87b5f88a134ff6239c33fd4d9e230da69d87375665
4e1f46ab25e5766c609ee647af355f0ef58027337739daaa9b3f28ac160b1114
4e9ff60e99eb7a8a449158073b0cb20b5227d53cd609d1488375ce41aed57649
4ee2291678cb55e4094932bb056d6a4f638f5652db173d0aa9f0806ad4b9fb3c
4f6190530649973d19d29d4949a6e56f25df9aefe200708f21f9072b32eceb07
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
51059ba2306358a4dbc6e0745206a20e73b1dcaa2f17b92a9ab6009d769889a1
5305e5358afc5f5129d897773d195b044ef43f74e72634fef9410ef3c8da1c4c
5381893b44bf25c349f6a4d6d6f7bd95be16f9d3b01957fc6b1809bc5546a3a0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e54599510ae1c24c8a478da234ca0f0b8808228413314bfff6e41496554339
5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005
584d26291be42d438b2e2cf8ea247e846c3510b34ab050a84483839d4524ebcf
584fb88735c7d0b1c591c56b4e2752aefed84e512a86b5484c2147979825926b
586bf973746401af1109df3611b0b831395b7277f2ba8ee6994e7a33f9bcab4f
58b1924ca507c3b572c2f846a2371d56a8afefa27d8822e4e9f99980e3d08286
58df9f91ae65959c67532063ed408e763cf53cb5d8c71ab8398526b0511aa319
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
5a68049e5184cc74b95460fe324b8dc079af40854352b4b46154fa75cbd450a2
5ac881f7d109972f86ca68dc4cfd626518a7ce22cc7ebb96603997a2eaede676
5b493a90c8877e5f44d67865eff827b7d885dc70385a21fbfbf3ff79393ff76a
5b92e70ed1161211c9c9164b687868ecf8c468228e6206dd411a8ff3279dab00
5c555d3ea105d46af61cdfba31aef06c96b928cb93022555c7cc2e1b295aaff0
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5d8d788591d0c68b4091d69b90c669bd61443807329363f052dba3b56e4cb996
5dc864af587c997738a2ce74710ba4276cd281b1b9a3724140b90aee7a2f969b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f15f4fd8772df9f8469e085c9dcec9ac2b070009ca290d447898bf5400c4021
6128f352d7f2a159a7907f65da647c78bb3fdd190cdb7b15cae1c571631201af
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d4c22f7fcdc4e758f13a853ea37a188eb3c4829989e592dba94e62fd10d8e9
645109c82e27a1e5b9fb571dc308b0a3c8d652e2208fa55b7a3ecb48997c2f93
6534b0c6765263da1df9c4a4935e353e6e58943768766f9ea2742258f1034613
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
6830af53332b9acfc76d6ebbfffd778f4f2475091c283d343219152c2dbf79a8
6884c73e2220dd8fdef43d5e2456a3c5b563a17dede4026eab900536ae06a62b
68ce15c2549626507c8bf48d33e32b24a74a22739520ac696c61e8321e27bded
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c631d9cfbfae4d008be9878ccfbc516dee2dd812828035af2dcfcbed930ee08
6d6ab7a74c1a31174748a0d2bf5cee7b4c29fd2b4568a2fee228a54f572ea1d8
6e981afb38958cbf08f946f4824e8ccf35b39cad3db4c572bda8e36016ebb1f4
70d4778cb2a14b67e556546e2c08d1fade3afc1e4a5a5847a5d815002298e201
71568078dff6e78c47f7990f34955b5ad9a965daca0adc5416a6864dbf8cf1bf
71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227
73c73a78933604fd0b0166bd30d9ddd5df2eb4ea29ad66b6fe959e6a2efd18c9
740aa471be292bd80ba5df1a74906025ff4609ac072cd7e61a49e0b85df74377
740ea8dbc2d30e8c268b9728a6e4dbe9a8f6283da8e129f8decc28a2cb707341
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
784140381e8ee53723ce52eb600797f90adbbd5ce54b2ac80b91bf3c73f49856
7aa26d93d44c86b5ab2153d300620aa53e709f699eaa277a15d78736557cd42c
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7c169a3333ef374ec234430a492559e559a22f88ec7c4f6253d84a57f7055ef1
7c2fb2aac4d50aa268a1fc2720d9188d3fdf0086d7581c9da6700598f85fa7ac
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7ccae7849835d007c7669c6f870e6121d80cd03eca435a254a6aa7372cb249d8
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
8322cb64ca9df809767967bca15f86f0f4dce327cb843608db4fd0d8a2fbfb19
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8728583f0c6e5400cc724ed7932c6f6bfb4a94c5cc9f586d6b2d459c4e569c8a
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bddafba43cb3625fa505fe970604fcd060b279975397426db98d091b4db2997
8bdf772d9fc521b1bac964b3e1287466cc5e6497f058ef97112f9a17b2591dfb
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f7894603292731a56692b1348b0b39871cdf248aa9f5b6a4c00e7de41f1a668
902e46e0abe58f5a9fec9f42c37b4426a907361062125af3e82a54ada10607df
92c2a28ee3c5aa3e01481f2db83ec156421bf9f729fd8803c12b5c6f2d275e25
9304ce5a99f364804781837f5cf100e52467b63de15323b805707ad4c55b2468
938f284e01a1deaf4f9840c88c4aa8d9cfa5f6f20018de59cec2f749a7efd3aa
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98fd5b6db882e56e099d4ca1a9941b348fcb6e6cf7a32b913bb98b447c727918
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2
9dfc0ff8819b5be0a6d761a97741ef4a6a92046c96e4cde9fa926320ad2d1fad
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2ae7618c82d691f1be5f93fed7fcb3260796a844220ecbd230f6787e823a635
a3aa51c451dbade6e3969f96817616aeb5642327b44a1b779d60b7fec4e2aa0e
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a42cf1b6ad4a91f0e87cee1b2a1ded7aedf6078711908425e238dc2bb2929764
a498ff47f6c195c0c24239351e085785c76013a34e79e141b0944d60990aa5d1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5a7b426e6216fc4c9c99a1d1cc009bcb14dba64016197de419f5bb445b80b66
a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a724edf426a0474a486cbe90b5c61562fc56252b00ec524681fab68e17c92800
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8082bbe9151c82282f64f54885639d4887287345a1fd790e7a6be7ed3d205ef
aa6c46abfebdec844846d8e644e7fe0879476d71b931cc3ce09e489f9f327af7
aa7b159c9534ad3f612a6988bd7e39010f3c6fd0240ede7791b08b7a42df5467
aa812c159057599e703484c762b9f385db5e5dc30ee5d71a0a05fbd88a1a97fb
aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af5bc7fd6a48854ff031f84585f3130e6d74461d9919fed97843ddb4f393481c
b0e5db0b9fa7b6efeb6150a93b3392913452a0ce99faf8ad5c781d5778626dc5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b268380c7810c5baa3f7e153c7f8153101f965ae8e2ae0d7c67cfa04feedaa43
b270053614364ea0bd75315fc1dae765cbcb054fb886298b187170f391ccec5d
b357d236ad199cd742e1289b24fea42ee1bc40480269c13de8de675556c004ca
b48de5b82cafd0efcd96c16f18c6d69d090cc163192f4f8130b2cd97c35e2445
b5c315ac0e20cd6fa803c642d705216f1db2b775a01d39659ad94357777b64c5
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcd487d7308145c275b6d459f8a3f5daa0271d1d4a71a23bf1401411fafd44d2
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c2598c10349c4efd26f21a74b9fa3258103b6161e701c8f6a21bde1bcdc61441
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c445fe3ef86a23e2c2c3b7843dd782b26bc7e98f8dc72ba18f1c24611cc743b2
c61289dd92e84fc4aacea5e4d2e16fa09aae064d4051bb8cda0ee8906315a6bb
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
c850a2621740716cc4a32fc0f6dfcf28ea75caaa0f3581ecf2d5a8476f453865
c8f452a67982ee40951db3f91c960684568202756b3a36038528e1abb1a913f5
c9332b9320be6c80c3b29a66781aebe0fd6638f661a5502b06056658c5c84180
c953f80cf0bb98945638528f71bafd7e837aac873b241533013b5170535e78fd
cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847
cbab134b40516c3b82fcf4ff38e672ffcce14dae999c1df5fe9413c579c3ad07
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa1a73d576567d700fe962e1986080ae825a18a3fa0dc7b719f5b2aad1f760e
cfa956b9f39aec424ed6f9411c71da1f9fbd0c77e4cdccd9089d394a1877d866
d0788c325fb064269e221a854cd4278e54a36a8cdca7df0813089af92a2438b2
d1a321dcc98ee1a0c7a7d260d62d09ea99a618c8f5cfee90fcfc005633980e16
d281c3057af206c0a210770246ef115057cd21081778be6229fd85f4a99d18bb
d300e2428989ba1e2f9efdba0f735895105c2865ab2391d925821a41851c61cd
d5331191a8f894ed182765bed6531dc63e26cb0b1a7a0ad3e43e591e1e199c7d
d57ce93904c06952349358d4c27cab9027d7483d47460e3116ab6229b4050e1f
d7489db91d3309740ceec2578f7c0e50e1d86c984929dfdff479ac972b602d61
d85be025a12bbb9bc1b3070e776389404bc1fed2b43fed80aa6d21a0f340d46f
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dccefb67a62757e50de964e41b94e0631da84ca51e0938d79a9ca2a163f01ad6
de23a7d9aa6e5616a85b17c9390419d6e5ad1ca9c4ca8eb6bd2b246dc57b8dd2
de2c2318c4228f5ccad90c119d3c110623844e92aec0a7f571f77b743c1fc3f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deee21662411ee0483dd9460a51ddeaffeee830b5a7898fb2ed9d5963e400a20
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e1db913e4389546952fdd6c292443d0464d35e3d2ad3402ba43ae5923a9b6ad7
e1fee231abf6a39eb4a85259dddecdc27fa7b96f5b876757bd3e637c940d9538
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f75cb7f9867b899f72a8928d6d09cb17afbc0cbda8288ddc451b0e04c427bf
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e5dd8d235814a55fe2ac924486fd0e6f21fe48d6c9625dd0ce3ea2e4d2a31ae1
e5fc28a845d8b8a279c9c867cb86cee52b6ddf9df67f91b0c6a15513848fdb29
e5fe386bd2a4a1010a690c8eeb03051b34ddeb014e7c550d10cdc3e67ed3e5c6
e803674adb4f7b8879ce8460300522bcd93a44aca78d979e416a145d45caf4dd
e828a7232d1ec5c6399eb7f6f4beb5e9210d4468a60ee34a16e7f06278c87caf
e831842d5c91b2d38de0b98f14031e00e3f56da5b74ea49d5823b9c726f7bbdb
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e959dd8ec932148a2df2bc3f2d63d9fe02104910a31ed6dab421e96c03692088
e9c46d58343a80c129a905acf8ef264eda8857c1b9bb279084625fa39a7f6889
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ececa11daba0ee1c5bf9c56ec4d40be9e455e69ffe1b61a1e7d08108f4699418
edea5d3d3bcb85769aba86162ba0cba0c1b704613663745c4ecd6408f7a46dce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2fe3596cd5ccbf866d8a20edcbbe61a4663745d39324a72c749192963d75453
f8f805612a9825344bce9d513843e533782a8b8510b24011da7511ddaf9cf4e2
f94fbaa4222578abc40259a8e95510f8aa8c687f94ca5ca7dc56674e835e7ff9
fd1d9485b02fce5894bae0c857d2935dd022b2f6d49c9608332db95523b5b485
fda1e2770ec235492f0cb19651ab5d181eb306d147687ea4577602b41c760985
fe6bd74cf04e22f62c5a56c7a0929b1c6ae1a85d43e5437114980fc5ae97d3ff
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.allsgpromo.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

490 Requests

83 %HTTPS

37 %IPv6

76 Domains

119 Subdomains

78 IPs

13 Countries

7136 kBTransfer

14304 kBSize

90 Cookies

19 Outgoing links

Page URL History

Redirected requests

490 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.allsgpromo.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

490
Requests

83 %
HTTPS

37 %
IPv6

76
Domains

119
Subdomains

78
IPs

13
Countries

7136 kB
Transfer

14304 kB
Size

90
Cookies

490 HTTP transactions
16 data transactions