Submitted URL: https://tinyurl.com/125thSuitcase-sg
Effective URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Submission: On December 06 via manual from SG — Scanned from SG

Summary

This website contacted 97 IPs in 10 countries across 86 domains to perform 342 HTTP transactions. The main IP is 188.166.232.115, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is gfieldmoney.com.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.
This is the only time gfieldmoney.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
33 188.166.232.115 14061 (DIGITALOC...)
9 13.227.254.54 16509 (AMAZON-02)
7 2403:e800:e80... 4637 (ASN-TELST...)
3 2404:6800:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
4 6 15.197.193.217 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
7 2a04:4e42:48:... 54113 (FASTLY)
1 2403:e800:e80... 4637 (ASN-TELST...)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2404:6800:400... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 151.101.2.137 54113 (FASTLY)
3 162.247.243.29 54113 (FASTLY)
3 13.224.154.155 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
7 13.33.88.68 16509 (AMAZON-02)
7 9 2600:9000:200... 16509 (AMAZON-02)
1 2 2406:2600:7:1... 55569 (CRITEO-AS...)
1 3 13.33.33.36 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.33.88.107 16509 (AMAZON-02)
4 5 13.228.126.19 16509 (AMAZON-02)
2 182.161.73.136 55569 (CRITEO-AS...)
1 52.53.40.127 16509 (AMAZON-02)
1 34.209.183.148 16509 (AMAZON-02)
3 3.112.170.251 16509 (AMAZON-02)
1 35.244.193.51 15169 (GOOGLE)
1 54.82.17.205 14618 (AMAZON-AES)
1 54.255.159.219 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
14 20 69.173.158.64 26667 (RUBICONPR...)
1 13.226.120.23 16509 (AMAZON-02)
4 35.89.54.138 16509 (AMAZON-02)
1 13.227.254.65 16509 (AMAZON-02)
10 2a04:4e42:400... 54113 (FASTLY)
6 13.33.96.216 16509 (AMAZON-02)
2 52.222.174.13 16509 (AMAZON-02)
1 152.195.62.252 15133 (EDGECAST)
2 2404:6800:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.215.46.21 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a04:4e42:200... 54113 (FASTLY)
1 2600:9000:229... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
18 52.77.152.198 16509 (AMAZON-02)
18 69.173.158.92 26667 (RUBICONPR...)
6 184.51.97.137 16625 (AKAMAI-AS)
6 104.18.36.155 13335 (CLOUDFLAR...)
6 18.139.43.115 16509 (AMAZON-02)
6 2406:2600:7:1... 55569 (CRITEO-AS...)
6 52.77.74.133 16509 (AMAZON-02)
6 35.213.54.176 15169 (GOOGLE)
1 8 35.186.253.211 15169 (GOOGLE)
6 207.65.33.78 62713 (AS-PUBMATIC)
6 2602:803:c006... 26667 (RUBICONPR...)
2 10 103.43.90.117 29990 (ASN-APPNEX)
6 15.197.196.10 16509 (AMAZON-02)
2 173.237.69.12 7979 (SERVERS-COM)
4 35.73.167.231 16509 (AMAZON-02)
4 44.230.254.37 16509 (AMAZON-02)
5 18.155.68.85 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
1 141.95.98.64 16276 (OVH)
1 2404:6800:400... 15169 (GOOGLE)
1 37.157.2.229 198622 (ADFORM)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 23.44.0.196 16625 (AKAMAI-AS)
1 12 35.244.159.8 396982 (GOOGLE-CL...)
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 124.146.153.170 2514 (INFOSPHER...)
2 2 13.33.88.20 16509 (AMAZON-02)
7 10 172.217.194.157 15169 (GOOGLE)
1 67.199.150.81 62713 (AS-PUBMATIC)
4 67.199.150.86 62713 (AS-PUBMATIC)
3 3 35.213.12.39 15169 (GOOGLE)
1 1 103.254.153.160 59253 (LEASEWEB-...)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 18.139.232.112 16509 (AMAZON-02)
1 2 119.9.108.180 45187 (RACKSPACE...)
3 207.65.33.82 62713 (AS-PUBMATIC)
1 1 35.247.47.28 396982 (GOOGLE-CL...)
1 3 2406:da18:929... 16509 (AMAZON-02)
1 67.199.150.85 3257 (GTT-BACKB...)
3 3 74.118.186.107 6336 (TURN-US-ASN)
1 1 3.0.155.52 16509 (AMAZON-02)
1 1 172.240.155.116 7979 (SERVERS-COM)
1 1 143.244.222.249 14061 (DIGITALOC...)
1 207.65.33.76 62713 (AS-PUBMATIC)
2 2 2a02:fa8:c411... 399104 (CNVR-APAC)
2 2 54.169.193.249 16509 (AMAZON-02)
7 7 67.202.105.24 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
1 1 104.69.39.62 16625 (AKAMAI-AS)
2 184.51.97.92 16625 (AKAMAI-AS)
1 1 98.98.134.242 21859 (ZEN-ECN)
4 34.117.239.71 396982 (GOOGLE-CL...)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
2 2 54.191.47.182 16509 (AMAZON-02)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 4 52.46.128.147 16509 (AMAZON-02)
2 3 67.220.228.202 16509 (AMAZON-02)
2 2 54.249.237.55 16509 (AMAZON-02)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 2 209.191.163.152 32475 (SINGLEHOP...)
1 131.153.206.101 59210 (PHOENIXNA...)
1 52.77.135.86 16509 (AMAZON-02)
1 42.99.140.152 4637 (ASN-TELST...)
2 2 18.136.5.195 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 35.79.54.179 16509 (AMAZON-02)
1 1 54.209.207.92 14618 (AMAZON-AES)
1 220.150.223.50 ()
342 97
Apex Domain
Subdomains
Transfer
48 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 788
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
54 KB
33 gfieldmoney.com
gfieldmoney.com
2 MB
26 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1931
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 3029
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
5 KB
20 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
4 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
168 KB
18 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
image4.pubmatic.com — Cisco Umbrella Rank: 1224
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
27 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
78 KB
16 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5361
logger.adthrive.com — Cisco Umbrella Rank: 5456
391 KB
12 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
ssc-cms.33across.com — Cisco Umbrella Rank: 904
events-ssc.33across.com — Cisco Umbrella Rank: 1493
dp1.33across.com — Cisco Umbrella Rank: 7877
5 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
direct.adsrvr.org — Cisco Umbrella Rank: 3147
5 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
7 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
bidder.criteo.com — Cisco Umbrella Rank: 776
2 KB
10 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2808
entitlements.jwplayer.com — Cisco Umbrella Rank: 3715
29 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net — Cisco Umbrella Rank: 336
4 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
f0ce2fb8d209ce1e41c989fc9eefb626.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
56 KB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 446
p.typekit.net — Cisco Umbrella Rank: 559
139 KB
7 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3965
673 KB
7 packhacker.com
cdn.packhacker.com — Cisco Umbrella Rank: 456358
47 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
3 KB
6 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2719
3 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
3 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
5 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3939
3 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2994
273 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
369 KB
4 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 4927
2 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
4 KB
4 ccgateway.net
pb-ing.ccgateway.net — Cisco Umbrella Rank: 10472
586 B
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016
launchpad.privacymanager.io — Cisco Umbrella Rank: 2702
geo.privacymanager.io — Cisco Umbrella Rank: 2070
60 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
3 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1354
sync.colossusssp.com — Cisco Umbrella Rank: 1503
1001 B
3 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2268
rp.liadm.com — Cisco Umbrella Rank: 1632
rp4.liadm.com — Cisco Umbrella Rank: 6685
1 KB
3 flashtalking.com
d9.flashtalking.com — Cisco Umbrella Rank: 1842
12 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
5 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
617 B
2 w55c.net
i.w55c.net — Cisco Umbrella Rank: 1431
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
534 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1577
hde.tynt.com — Cisco Umbrella Rank: 4170
4 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
829 B
2 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 1982
826 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
959 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
35 KB
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
141 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 21062
38 B
1 r-ad.ne.jp
bk.r-ad.ne.jp — Cisco Umbrella Rank: 31561
548 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1618
173 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
646 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
279 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
608 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2045
447 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
546 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
551 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
659 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2837
473 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
850 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1211
106 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
275 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3121
202 B
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 4287
43 KB
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 2826
686 B
1 rkdms.com
prebid.sv.rkdms.com — Cisco Umbrella Rank: 18588
287 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 590
29 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89 Failed
250 KB
1 gstatic.com
fonts.gstatic.com
126 KB
1 memberful.com
js.memberful.com — Cisco Umbrella Rank: 31066
23 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 15082
588 B
0 nex8.net Failed
cs.nex8.net Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
342 86
Domain Requested by
33 gfieldmoney.com gfieldmoney.com
18 prebid-server.rubiconproject.com gfieldmoney.com
u.openx.net
ads.pubmatic.com
hde.tynt.com
14 pixel.rubiconproject.com 9 redirects hde.tynt.com
12 c2shb.pubgw.yahoo.com gfieldmoney.com
10 cm.g.doubleclick.net 7 redirects u.openx.net
hde.tynt.com
9 ib.adnxs.com 2 redirects gfieldmoney.com
hde.tynt.com
9 cdn.jwplayer.com 7 redirects gfieldmoney.com
9 securepubads.g.doubleclick.net gfieldmoney.com
9 ads.adthrive.com gfieldmoney.com
8 rtb.openx.net 1 redirects gfieldmoney.com
us-u.openx.net
7 us-u.openx.net u.openx.net
hde.tynt.com
us-u.openx.net
7 assets-jpcust.jwpsrv.com
7 logger.adthrive.com gfieldmoney.com
7 cdn.packhacker.com gfieldmoney.com
7 use.typekit.net gfieldmoney.com
use.typekit.net
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 ssc-cms.33across.com 6 redirects
6 direct.adsrvr.org gfieldmoney.com
6 fastlane.rubiconproject.com gfieldmoney.com
6 hbopenbid.pubmatic.com gfieldmoney.com
6 c2shb.ssp.yahoo.com gfieldmoney.com
6 grid.bidswitch.net gfieldmoney.com
6 tlx.3lift.com gfieldmoney.com
6 bidder.criteo.com gfieldmoney.com
6 krk2.kargo.com gfieldmoney.com
6 htlb.casalemedia.com gfieldmoney.com
6 a.teads.tv gfieldmoney.com
6 aax.amazon-adsystem.com gfieldmoney.com
6 match.adsrvr.org 4 redirects gfieldmoney.com
5 pixel.tapad.com 3 redirects hde.tynt.com
5 hb.undertone.com gfieldmoney.com
5 pagead2.googlesyndication.com imasdk.googleapis.com
gfieldmoney.com
tpc.googlesyndication.com
5 ssl.p.jwpcdn.com gfieldmoney.com
5 ups.analytics.yahoo.com 4 redirects gfieldmoney.com
4 s.amazon-adsystem.com 2 redirects hde.tynt.com
4 events-ssc.33across.com hde.tynt.com
us-u.openx.net
4 simage2.pubmatic.com ads.pubmatic.com
4 exchange.postrelease.com gfieldmoney.com
4 g2.gumgum.com gfieldmoney.com
4 pb-ing.ccgateway.net gfieldmoney.com
3 aax-eu.amazon-adsystem.com 2 redirects hde.tynt.com
3 px.ads.linkedin.com 1 redirects hde.tynt.com
3 pr-bh.ybp.yahoo.com 1 redirects us-u.openx.net
3 image2.pubmatic.com
3 x.bidswitch.net 3 redirects
3 jp-u.openx.net u.openx.net
us-u.openx.net
3 tpc.googlesyndication.com gfieldmoney.com
3 d9.flashtalking.com gfieldmoney.com
3 sb.scorecardresearch.com 1 redirects gfieldmoney.com
3 c.amazon-adsystem.com gfieldmoney.com
3 bam.nr-data.net gfieldmoney.com
3 fonts.googleapis.com gfieldmoney.com
2 sync-tm.everesttech.net 2 redirects
2 ce.lijit.com 1 redirects hde.tynt.com
2 capi.connatix.com 1 redirects hde.tynt.com
2 match.prod.bidr.io 2 redirects
2 dpm.demdex.net 2 redirects
2 eus.rubiconproject.com hde.tynt.com
eus.rubiconproject.com
2 ad.360yield.com 2 redirects
2 prebid-match.dotomi.com 2 redirects
2 sync.1rx.io 2 redirects
2 uipglob.semasio.net 1 redirects
2 cr-p3.ladsp.com 2 redirects
2 ad.turn.com 2 redirects
2 u.openx.net 1 redirects gfieldmoney.com
2 ads.pubmatic.com gfieldmoney.com
2 colossusssp.com gfieldmoney.com
2 imasdk.googleapis.com gfieldmoney.com
2 geo.privacymanager.io gfieldmoney.com
2 mug.criteo.com
2 cdn.confiant-integrations.net gfieldmoney.com
2 gum.criteo.com 1 redirects
2 connect.facebook.net gfieldmoney.com
1 sync-dsp.ad-m.asia us-u.openx.net
1 sync.srv.stackadapt.com 1 redirects
1 dps.jp.cinarra.com us-u.openx.net
1 bk.r-ad.ne.jp 1 redirects
1 tr.blismedia.com us-u.openx.net
1 pm.w55c.net 1 redirects
1 i.w55c.net 1 redirects
1 hb.yahoo.net hde.tynt.com
1 match.sharethrough.com hde.tynt.com
1 prebid.a-mo.net hde.tynt.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 secure.adnxs.com hde.tynt.com
1 dp1.33across.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 hde.tynt.com gfieldmoney.com
1 de.tynt.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 sync.resetdigital.co 1 redirects
1 sync.colossusssp.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 image4.pubmatic.com
1 um.simpli.fi 1 redirects
1 sync.crwdcntrl.net
1 sync.aralego.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 www.google.com gfieldmoney.com
1 cm.adform.net
1 f0ce2fb8d209ce1e41c989fc9eefb626.safeframe.googlesyndication.com gfieldmoney.com
1 id5-sync.com gfieldmoney.com
1 lb.eu-1-id5-sync.com gfieldmoney.com
1 s0.2mdn.net gfieldmoney.com
1 prd.jwpltx.com
1 cdn.id5-sync.com gfieldmoney.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 entitlements.jwplayer.com gfieldmoney.com
1 launchpad.privacymanager.io gfieldmoney.com
1 config.aps.amazon-adsystem.com gfieldmoney.com
1 content.jwplatform.com gfieldmoney.com
1 id.crwdcntrl.net gfieldmoney.com
1 idx.liadm.com gfieldmoney.com
1 lexicon.33across.com gfieldmoney.com
1 fid.agkn.com gfieldmoney.com
1 prebid.sv.rkdms.com gfieldmoney.com
1 launchpad-wrapper.privacymanager.io gfieldmoney.com
1 js-agent.newrelic.com gfieldmoney.com
1 www.facebook.com gfieldmoney.com
1 i.ytimg.com gfieldmoney.com
1 p.typekit.net use.typekit.net
1 fonts.gstatic.com fonts.googleapis.com
1 js.memberful.com gfieldmoney.com
1 code.jquery.com gfieldmoney.com
1 tinyurl.com 1 redirects
0 cs.nex8.net Failed us-u.openx.net
0 sync.mathtag.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed gfieldmoney.com
342 132

This site contains links to these domains. Also see Links.

Domain
www.avantlink.com
packha.kr
us14.campaign-archive.com
Subject Issuer Validity Valid
gfieldmoney.com
R3
2023-12-02 -
2024-03-01
3 months crt.sh
*.adthrive.com
Amazon RSA 2048 M01
2023-05-06 -
2024-06-03
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
memberful.com
Cloudflare Inc ECC CA-3
2023-03-31 -
2024-03-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
images-integration.instamotor.com
Certainly Intermediate R1
2023-11-30 -
2023-12-30
a month crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-14 -
2023-12-13
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-29 -
2024-10-01
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
jwplayer.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
confiant-integrations.net
GTS CA 1P5
2023-11-19 -
2024-02-17
3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01
2023-07-27 -
2024-08-24
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
rkdms.com
Amazon RSA 2048 M03
2023-10-30 -
2024-11-27
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
tag.device9.com
Go Daddy Secure Certificate Authority - G2
2023-07-19 -
2024-08-19
a year crt.sh
lexicon.33across.com
GTS CA 1D4
2023-11-27 -
2024-02-25
3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02
2023-08-31 -
2024-09-28
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03
2023-10-08 -
2024-11-06
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
ccgateway.net
R3
2023-11-20 -
2024-02-18
3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-30 -
2024-09-30
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1
2023-04-11 -
2024-05-11
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
jwpltx.com
Amazon RSA 2048 M03
2023-10-12 -
2024-11-09
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-10-17 -
2024-04-10
6 months crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01
2023-02-03 -
2024-01-18
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2023-09-08 -
2024-10-09
a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-08-31 -
2024-09-28
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-08-30 -
2024-09-28
a year crt.sh
*.undertone.com
Amazon RSA 2048 M02
2023-08-03 -
2024-08-30
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.id5-sync.com
R3
2023-11-01 -
2024-01-30
3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-25 -
2024-06-18
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-05 -
2024-09-30
a year crt.sh
events-ssc.33across.com
GTS CA 1D4
2023-10-25 -
2024-01-23
3 months crt.sh
tr.blismedia.com
GTS CA 1D4
2023-12-02 -
2024-03-01
3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-17 -
2024-06-16
a year crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA
2023-11-27 -
2024-02-25
3 months crt.sh

This page contains 17 frames:

Primary Page: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Frame ID: 5DA6BD1ACE05B4FB00B6AE39D026C495
Requests: 259 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/19998d0/html/i.html
Frame ID: 23DF4CC933F5656D46AAF5F15EAAD3F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/19998d0/html/rnf.html
Frame ID: 47E5CAA25E1C27DC2B8F04DD7172BA79
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: B12DE945632B7D37D802BD4B2C4763E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C00E694EC7F363D3ABDACCAF89FA5D1B
Requests: 1 HTTP requests in this frame

Frame: https://f0ce2fb8d209ce1e41c989fc9eefb626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B949E633D7B213941A59AE3029BDD13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 158D8ECA53B9C10DB6987995657DFC1D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 533885D7E557CE7221A993ADC9A61012
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 0ABCAC51303E6E3DF75441194A529FD9
Requests: 14 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: B055E1E756F0AB5737FE61F2C9A23D9E
Requests: 8 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 00F198CC90837230DD5949436FB2DE59
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4625678882631691475&gdpr=0&gdpr_consent=
Frame ID: 08E9F1EC941505439B980E199214BC72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: FA7D02C2B2B1C4728023D56296A0EB32
Requests: 1 HTTP requests in this frame

Frame: https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=96DECE01-6CC4-4980-845E-7FC80B277327
Frame ID: 022DC88DCAB1F8A31AE874B5E2FB2053
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: B9F030D686EC9A722D8E49E085B9CD84
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Frame ID: C7EA847806BDDFD32D9C63528D1B4EAB
Requests: 20 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Frame ID: 90420E379675F9CE4F90F0D1E7DA9EC1
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Matador Transit30 2.0 Packable Duffel Review | Pack Hacker

Page URL History Show full URLs

  1. https://tinyurl.com/125thSuitcase-sg HTTP 301
    https://gfieldmoney.com/travel-gear/matador/transit30-2-0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

342
Requests

81 %
HTTPS

28 %
IPv6

86
Domains

132
Subdomains

97
IPs

10
Countries

4904 kB
Transfer

9689 kB
Size

126
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/125thSuitcase-sg HTTP 301
    https://gfieldmoney.com/travel-gear/matador/transit30-2-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgfieldmoney.com%2F&domain=gfieldmoney.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Wm2H1XxFQ2FRQzNiV0tUT3lubGFqVkVXUVFhbE1qVURjb3cvd0N3VUgvZ01WeWJBR0VlR2xvVzhUUkdQTnNzNzRYSXlESGRBYzRpVGpQNUF3d1JVUFNwMVNyU2ZBTlBqVUdVS0M3N01XcVRjVXN4aGt6aEROME1pZHJ6akk3NjJieFowSmVTNUhKeTA5Tit3N1JReXN5ZXdUVWVnMFlmdmVoNktjZ0JsTEt1allSVGhwNFRMbkJoS244OEc4Ymd2WVcxcVFTTUNxeTFjbWxZdEx0UC9jcGMzVlYyZnpUcFJmeUZWbGdmNjBXaHB5U1dJPXw&cppv=2
Request Chain 106
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701832864016&ns_c=UTF-8&cs_cfg=100&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&c8=Matador%20Transit30%202.0%20Packable%20Duffel%20Review%20%7C%20Pack%20Hacker&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701832864016&ns_c=UTF-8&cs_cfg=100&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&c8=Matador%20Transit30%202.0%20Packable%20Duffel%20Review%20%7C%20Pack%20Hacker&c9=
Request Chain 126
  • https://rp.liadm.com/j?dtstmp=1701832864421&se=e30&duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&dtstmp=1701832864421&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&i6=MjAwMTpkZjE6ODAwOmEwMGE6MTI6Ojk%3D
Request Chain 129
  • https://cdn.jwplayer.com/strips/N7dniXtO-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.vtt
Request Chain 132
  • https://cdn.jwplayer.com/v2/media/N7dniXtO/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-720.jpg
Request Chain 133
  • https://cdn.jwplayer.com/v2/media/N7dniXtO/poster.jpg?width=1280 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-1280.jpg
Request Chain 137
  • https://cdn.jwplayer.com/strips/q9Akigoq-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/q9Akigoq-120.vtt
Request Chain 138
  • https://cdn.jwplayer.com/v2/media/q9Akigoq/poster.jpg?width=1280 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/c9ncqh61-1280.jpg
Request Chain 246
  • https://cdn.jwplayer.com/strips/N7dniXtO-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.jpg
Request Chain 248
  • https://cdn.jwplayer.com/v2/media/fkLe1nvh/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/t6k3kmre-120.jpg
Request Chain 265
  • https://id5-sync.com/i/367/8.gif?id5id=ID5*uZPYG95BxbOthVpK5fSR0N1mtlCDxA7YGkBBIDESDtpzHG36rMSuOxPInYS2zLJJcx3vq2zBUtXagUapOKCpiA&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/367/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F367%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/367/2/6/3.gif?puid=4625678882631691475&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F123%2F5%2F4.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F123%2F5%2F4.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/367/123/5/4.gif?puid=18c3d24bd63-5529000001085eb7&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LPT7CI83-28-CAV0&gdpr=0 HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=714caaa269c421d3&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AAAMBFIjQpowwwMTZQEiAAAAAAA&expiration=1701919268&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347%26partner_url%3Dhttps%253A%252F%252Fid5-sync.com%252Fc%252F367%252F826%252F2%252F7.gif%253Fpuid%253D376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F826%2F2%2F7.gif%3Fpuid%3D376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/367/826/2/7.gif?puid=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F821%2F1%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/367/821/1/8.gif?puid=4d7de81e-1aec-4868-b362-e804e2838037&gdpr=0&gdpr_consent=
Request Chain 268
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Request Chain 270
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7030539413985883288&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 271
  • https://match.adsrvr.org/track/cmf/openx?oxid=be29eeef-8066-33e3-749e-69c24978e531&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=be29eeef-8066-33e3-749e-69c24978e531&gdpr=0&gdpr_consent=
Request Chain 272
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZW-oo8Co8YEAAI3NKWIAAAAA
Request Chain 273
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfrFeoNixIyyks8AEDt7NyLGDc8AAAGMPSS_MQ
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDNl3ns8qeJ-ErmszecXCgc&google_cver=1
Request Chain 279
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4625678882631691475&gdpr=0&gdpr_consent=
Request Chain 280
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=41e1c376-f691-3dd1-91c7-60bb7b0bbbc0&ssp=pubmatic&bsw_param=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lt7OAWzESYCEXn_ICydzJw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 283
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=96DECE01-6CC4-4980-845E-7FC80B277327 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=96DECE01-6CC4-4980-845E-7FC80B277327 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
Request Chain 285
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=96DECE01-6CC4-4980-845E-7FC80B277327&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=96DECE01-6CC4-4980-845E-7FC80B277327&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTZERUNFMDEtNkNDNC00OTgwLTg0NUUtN0ZDODBCMjc3MzI3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHXzLjOgiDL0d_MMMdtDuiQ&google_cver=1
Request Chain 288
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DF7D98AD37DE49BAACD4E305048507FA
Request Chain 290
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=
Request Chain 291
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4004401939369620632&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 292
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=96DECE01-6CC4-4980-845E-7FC80B277327&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFO9X3xE2uXFcrDzCT_IH1ApT6QVRFg-~A&gdpr=0
Request Chain 294
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D&cb=1701832867977&us_privacy=1YNY HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004
Request Chain 295
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1YNY&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3zh8t6m223mx0YnAhFmy&gdpr=&gdpr_consent=&us_privacy=1YNY
Request Chain 296
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=9be3d123-b6c3-4a4f-a6f3-c5d1fe4aab47
Request Chain 297
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24USER_ID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=00000120B545EA51
Request Chain 299
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAds&uid=y-u420zRdE2uF1K2QuyhU7rJxOcAl3Pqs8~A
Request Chain 300
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=225699c9d43a1ee2&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAK-M0vzWLxogNbjB7YAAAAAAA&expiration=1701919269
Request Chain 301
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=c5f5b3ba-7434-4dee-9538-0ce1142f2087
Request Chain 302
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 303
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Request Chain 304
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701832871536.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Request Chain 305
  • https://ssc-cms.33across.com/ps/?_=1701832871536.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212368127857613
Request Chain 306
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=45&xu=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&ts=1701832871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 307
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701832871536.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=90&external_user_id=4625678882631691475
Request Chain 308
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&_rand=1701832871536.6 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&_rand=1701832871536.6&expected_cookie=cd5f1ad5-fef9-45c2-b2dd-bbc6b7867e98
Request Chain 309
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&random=1701832871536.7&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%252C%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=41354556178144488982024293871141119278&pt=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
Request Chain 310
  • https://dp1.33across.com/ps/?pid=669&uid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&random=1701832871536.8&pu= HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212368127857613&seg_code=33x&random=1701832871
Request Chain 313
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1YNY&us_privacy=1YNY&khaos=LPT7CI83-28-CAV0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LPT7CI83-28-CAV0&us_privacy=1YNY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPT7CI83-28-CAV0&ts=1701832872&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Request Chain 314
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNY HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPT7CI83-28-CAV0&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Request Chain 315
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNY HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNY&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yHpxc-6QQrSvWoBSQjDM3Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHpxc-6QQrSvWoBSQjDM3Q
Request Chain 316
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=&expires=30
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbA3kXbR9LdDBVbu6DWGv4&google_cver=1
Request Chain 318
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNY HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPT7CI83-28-CAV0&us_privacy=1YNY
Request Chain 319
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBUN0NJODMtMjgtQ0FWMA==&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE1-m6UUqGDzgDhUve-6CDU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBUN0NJODMtMjgtQ0FWMA==&google_push=
Request Chain 320
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNY HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4a21DdUTQpm8R-ldX0pqVMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YNY HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dsN7RVxE2oJNMVGPoLAmPhyL0CIsp5WEDXQA.A--~A
Request Chain 321
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMwM2ZkN2Q0OTYwOWM2NTY0Y2QwZDUzZTcyYzEyNzdjNjkxZWU1NA&us_privacy=1YNY
Request Chain 322
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNY HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNY&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Op0llqb0TxuEStEaKxN5KA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Op0llqb0TxuEStEaKxN5KA
Request Chain 323
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNY HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNY&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFC607K39EAABPcoP8UnA&expires=30
Request Chain 324
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1YNY HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPT7CI83-28-CAV0&us_privacy=1YNY
Request Chain 325
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNY HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPT7CI83-28-CAV0&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPT7CI83-28-CAV0&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
Request Chain 326
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1YNY HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPT7CI83-28-CAV0&us_privacy=1YNY HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPT7CI83-28-CAV0&us_privacy=1YNY&dnr=1
Request Chain 327
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNY HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPT7CI83-28-CAV0&us_privacy=1YNY
Request Chain 328
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1YNY HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPT7CI83-28-CAV0&us_privacy=1YNY
Request Chain 329
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPT7CI83-28-CAV0&redir=true&us_privacy=1YNY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPT7CI83-28-CAV0&redir=true&us_privacy=1YNY HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yMHpnTXBaRTJ1RjFxa0RpLlc2VDdyRHZTRHZQZTd4aX5B&ovsid=LPT7CI83-28-CAV0&us_privacy=1YNY&dpid=58160
Request Chain 331
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=bku868F41RaIth5
Request Chain 332
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZW-oqAAE0D5fBgBd HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZW-oqAAE0D5fBgBd&_test=ZW-oqAAE0D5fBgBd
Request Chain 334
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57h3LC00KBDAK007eOCw
Request Chain 336
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=amdrqhAUW0tSTvAgqRUw-tE6otA
Request Chain 339
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=YX9k0yngis2S6iV1mmHfiw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

342 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request transit30-2-0
gfieldmoney.com/travel-gear/matador/
Redirect Chain
  • https://tinyurl.com/125thSuitcase-sg
  • https://gfieldmoney.com/travel-gear/matador/transit30-2-0
5 KB
5 KB
Document
General
Full URL
https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
4273aea034582a2e6cef054d47b03462f4bd4f4d50b7b03317a04e79eea9645e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Wed, 06 Dec 2023 03:21:01 GMT
referrer-policy
no-referrer
server
nginx/1.17.0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
8311656dce51491e-SIN
content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 03:21:00 GMT
location
https://gfieldmoney.com/travel-gear/matador/transit30-2-0
referrer-policy
unsafe-url
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
noindex
x-tinyurl-redirect
eyJpdiI6Iko5MU4zSmZuNXA3NmphVUNYVVlPL0E9PSIsInZhbHVlIjoiMlBpUXdJdlMxdG1tK0VNRkJtRGxxYUIzejhmL3YyaVhwOUQ4UkFYbU9NdE84VVZ4WHpQdVNPK0xCV2VxU0JxWXNYdm9lMXdUSTZpSUpzdlI2ZHFzeEE9PSIsIm1hYyI6IjUyNTAwNjVkMzZlNDE5OGZiOGZmOGM5M2IyZmViNzZjYzZjYTI1ZDJlZThiN2NhYTA1YjgyY2JjZDJiMWY5MjQiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type
redirect
x-xss-protection
1; mode=block
_fp.js
gfieldmoney.com/
19 KB
19 KB
Script
General
Full URL
https://gfieldmoney.com/_fp.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
81069b8419f2bb6bd37ff87adb1b6048413b6af7c7cd4db5fbcac429d1da7147

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
19421
content-type
application/javascript; charset=utf-8
luminati.json
gfieldmoney.com/
19 B
88 B
XHR
General
Full URL
https://gfieldmoney.com/luminati.json
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
x-content-type-options
nosniff
server
nginx/1.17.0
content-length
19
content-type
text/plain; charset=utf-8
6sb1OkDSR
gfieldmoney.com/_previsit/
100 B
219 B
XHR
General
Full URL
https://gfieldmoney.com/_previsit/6sb1OkDSR
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
4e1c389e38c3965b7b3d567fae553fac8f7438b2d878b8160d1e9f245b9ed309

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://gfieldmoney.com
access-control-expose-headers
Struct-Response
date
Wed, 06 Dec 2023 03:21:01 GMT
access-control-allow-credentials
true
server
nginx/1.17.0
content-length
100
content-type
application/json
transit30-2-0
gfieldmoney.com/travel-gear/matador/
264 KB
264 KB
XHR
General
Full URL
https://gfieldmoney.com/travel-gear/matador/transit30-2-0?pvlid=6sb1OkDSR
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ec245260727869feb65ca13feb5ff20adb523a30adee032bd1d601f7d47589ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 20:40:10 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
269936
content-type
text/html; charset=UTF-8
ads.min.js
ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/
90 KB
25 KB
Script
General
Full URL
https://ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/ads.min.js?referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&cb=74
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
CloudFront /
Resource Hash
4d615cf83189a5e66e6a8bfd9f260c1bb5120ec053b9f937d2f5cd7ef37f77c6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

adthrive-bucket
prod
date
Wed, 06 Dec 2023 02:26:15 GMT
content-encoding
gzip
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
adthrive-deployment
stable
x-amz-cf-pop
SIN52-C3
age
3286
adthrive-commit
19998d0
x-cache
Hit from cloudfront
content-length
25277
adthrive-gdpr
false
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
sezHwR0PfQeGIdHfSNxXlIebpSyvecQlLlS3YU9IP2u18qU-NdwEbw==
expires
0
style.min.css
gfieldmoney.com/wp/wp-includes/css/dist/block-library/
102 KB
102 KB
Stylesheet
General
Full URL
https://gfieldmoney.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
104484
content-type
text/css; charset=utf-8
styles.css
gfieldmoney.com/app/plugins/contact-form-7/includes/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2859
content-type
text/css; charset=utf-8
comments.css
gfieldmoney.com/app/plugins/wp-discourse/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://gfieldmoney.com/app/plugins/wp-discourse/css/comments.css?ver=1671823930
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2836
content-type
text/css; charset=utf-8
jquery.lazyloadxt.spinner.css
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/
311 B
362 B
Stylesheet
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
311
content-type
text/css; charset=utf-8
a3_lazy_load.min.css
gfieldmoney.com/app/uploads/sass/
130 B
158 B
Stylesheet
General
Full URL
https://gfieldmoney.com/app/uploads/sass/a3_lazy_load.min.css?ver=1561556818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
130
content-type
text/css; charset=utf-8
main.dd52339edb0f439ecb10.css
gfieldmoney.com/app/themes/packhacker/dist/
312 KB
313 KB
Stylesheet
General
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
319995
content-type
text/css; charset=utf-8
mlw2neq.css
use.typekit.net/
3 KB
995 B
Stylesheet
General
Full URL
https://use.typekit.net/mlw2neq.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
772
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Dec 2023 03:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 03:21:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Dec 2023 03:21:01 GMT
lazy_placeholder.gif
gfieldmoney.com/app/plugins/a3-lazy-load/assets/images/
42 B
78 B
Image
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 20:40:14 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
42
content-type
image/gif
index.js
gfieldmoney.com/app/plugins/contact-form-7/includes/swv/js/
11 KB
11 KB
Script
General
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:28 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
10770
content-type
application/javascript; charset=utf-8
index.js
gfieldmoney.com/app/plugins/contact-form-7/includes/js/
13 KB
13 KB
Script
General
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:28 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
12943
content-type
application/javascript; charset=utf-8
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3378174
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga13628-LGA, cache-hkg17927-HKG
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701832862.878450,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
35, 796546
jquery.lazyloadxt.extra.min.js
gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/
3 KB
3 KB
Script
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:57:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
3015
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.srcset.min.js
gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/
2 KB
2 KB
Script
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:57:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
1573
content-type
application/javascript; charset=utf-8
jquery.lazyloadxt.extend.js
gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/
1 KB
1 KB
Script
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:57:01 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
1045
content-type
application/javascript; charset=utf-8
main.a49eef3114d1b6e2112f.js
gfieldmoney.com/app/themes/packhacker/dist/
114 KB
114 KB
Script
General
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.a49eef3114d1b6e2112f.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
8dea0241508d4d6d02f462e78f3bd2691df01b0c83181ba1de16481ccadeeba0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 18:56:19 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
116719
content-type
application/javascript; charset=utf-8
comment-reply.min.js
gfieldmoney.com/wp/wp-includes/js/
3 KB
3 KB
Script
General
Full URL
https://gfieldmoney.com/wp/wp-includes/js/comment-reply.min.js?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/_fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 20:40:14 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2981
content-type
application/javascript; charset=utf-8
rid
match.adsrvr.org/track/
109 B
566 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
68e7f4df4ef8dbdfd3600e9c0d0386b627a0ccba7687aadc097d4603368a96ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 05 Jan 2024 03:21:01 GMT
marmalade
ads.adthrive.com/api/v1/
5 KB
2 KB
Fetch
General
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5e0fcd6517a8be5a76a36c71&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
/
Resource Hash
619f4d380f6eb1f2b22dff76a7fe21cd37201e09d569102db38228b35c76b627

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
adthrive-is-ios
0
content-encoding
br
via
1.1 c57dcf725f15a754ea7be2a7d262cec2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
x-amzn-requestid
e6afe37d-63f7-445f-8476-c81aada29f68
x-amzn-trace-id
Root=1-656fe89e-2e511add1061d50e5da6a242;Sampled=0;lineage=e948d84a:0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
PgFIzEMVoAMEdww=
x-amz-cf-id
H95xPYn17Oi_qqFujN3n-y6sDmoZ5UAWrW10tm-z-nhlaUg7bkrDUw==
adthrive-is-chrome
1
5e0fcd6517a8be5a76a36c71
ads.adthrive.com/api/v2/raptiveFloors/
42 KB
6 KB
XHR
General
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/5e0fcd6517a8be5a76a36c71
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
/
Resource Hash
4120c8272d3655febe8e8525eedd3c8bd01730efbb47121f9e840abd047ec9cc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:30:45 GMT
content-encoding
br
via
1.1 c57dcf725f15a754ea7be2a7d262cec2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
42616
x-amzn-trace-id
Root=1-656f4225-7a587ffa3ea70a7569b20a3d;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
6ed6c624-0cb3-449b-b329-4e3d7c25d494
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PedF2H3UIAMEAqQ=
x-amz-cf-id
3nY2FxxtQnwDEsIHZPo936fD88yNYRs1wT0DRBrhd8QT3q3Hx6P4ew==
adthrive.min.js
ads.adthrive.com/builds/core/19998d0/es2018/js/
734 KB
189 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/19998d0/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=rubiconFloors,recencyFrequency,ttdSync,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr&siteid=5e0fcd6517a8be5a76a36c71
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
CloudFront /
Resource Hash
6cbf315237c59e8a642c01a67cf4848835ffbd8c71ace7dc6df5d7994761f84e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 01:00:30 GMT
content-encoding
gzip
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
age
8431
etag
"50f03c79a39b3724ba0ae83e42ed28da"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
192795
x-amz-cf-id
bf4fPRqenC0nPByI3zk31mZ-lmegYKGDPw23hOF9N243r25JTQhozg==
embed.js
js.memberful.com/
43 KB
23 KB
Script
General
Full URL
https://js.memberful.com/embed.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:447d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d82bd41ab6773bfd2f4a32472a0b8a8b854ddb6367ba8a96cde336673baabe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
content-encoding
gzip
via
1.1 vegur
strict-transport-security
max-age=15552000
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status
HIT
age
379
content-length
22840
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1701832482&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=TmRcsmwHmVCZoWmOZ2tOfMZZ%2F5amlZln3vJAq%2Fggsgg%3D
last-modified
Wed, 06 Dec 2023 02:45:13 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701832482&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=TmRcsmwHmVCZoWmOZ2tOfMZZ%2F5amlZln3vJAq%2Fggsgg%3D"}]}
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8311657abf7a3f8c-SIN
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7749d51538cf227c122ba4e71a9884089a78f096abcd633cc76e63575a6b3f26

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
164 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2a59b11c090b44ea663de249fd50c1468be68260a23b65f8f8e337c0c13815

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
loading.gif
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/
2 KB
2 KB
Image
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/loading.gif
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sat, 02 Dec 2023 20:40:14 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
1690
content-type
image/gif
icon-display-email@2x.png
gfieldmoney.com/app/themes/packhacker/assets/images/decorative/
7 KB
8 KB
Image
General
Full URL
https://gfieldmoney.com/app/themes/packhacker/assets/images/decorative/icon-display-email@2x.png
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
36977efa22b73cb7b43f0a5c0ac9ee539d80af495f0d89b84c4d57ec2485c0ba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gfieldmoney.com/travel-gear/matador/transit30-2-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:01 GMT
last-modified
Sun, 03 Dec 2023 05:33:02 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
7613
content-type
image/png
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gfieldmoney.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:34:12 GMT
x-content-type-options
nosniff
age
172009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 03:34:12 GMT
matador-transit30-2.jpg
cdn.packhacker.com/2019/03/
2 KB
2 KB
Image
General
Full URL
https://cdn.packhacker.com/2019/03/matador-transit30-2.jpg?auto=compress&auto=format&w=350&h=233&fit=crop
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
86f5532a457854b01c679d9381383dbee8a00b25174d46ab295f6c64f407177d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
1453315
x-cache
HIT, MISS
x-imgix-id
a82f8c914745734d9c20a02b2c241fd0f67b069d
cross-origin-resource-policy
cross-origin
content-length
1872
x-served-by
cache-sjc10034-SJC, cache-qpg1221-QPG
x-imgix-render-farm
02.139816
last-modified
Sun, 19 Nov 2023 07:39:06 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=mlw2neq&ht=tk&f=5022.5178.5310.24355&a=319241&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8c98 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Fri, 14 Jul 2023 12:41:34 GMT
server
nginx
etag
"64b1427e-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/
38 KB
38 KB
Font
General
Full URL
https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
48a65b54ac1a5135f0684958f16fd517109b2d20784872044727a7e56fc1d8cf

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
etag
"a8ee95f6a0441cd36fd0f7c8e0cb6398f0fcec8a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
38548
l
use.typekit.net/af/6c50f4/00000000000000007735a544/30/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/6c50f4/00000000000000007735a544/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
etag
"bd36aa533bb1fdd3f69db9026cbb8450c993a3ee"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18008
l
use.typekit.net/af/ccb3f3/000000000000000077359996/30/
39 KB
39 KB
Font
General
Full URL
https://use.typekit.net/af/ccb3f3/000000000000000077359996/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
d3854f9aef9bb56a35fc2862f04a164db1fd159f7c8187d9263018e204527408

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
etag
"115128beab300af3f36b409d3b4fcb0ae9306785"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
39752
l
use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/7ed1f6/0000000000000000773599aa/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mlw2neq.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
470e416b7026a5a21fde14111f63b45f166c6ab1b033392a42375a45a72d2efe

Request headers

Referer
https://use.typekit.net/mlw2neq.css
Origin
https://gfieldmoney.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
etag
"741db7fba066404c306d32d5ca0b051e83b295b3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
42140
abd.js
ads.adthrive.com/abd/
1 KB
1 KB
XHR
General
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
via
1.1 c57dcf725f15a754ea7be2a7d262cec2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
khz4QJRSV1xkArU7ZECuBdwAWjl3yBbAzpU5pNeoUmzmO_7rr_n7fQ==
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 06 Dec 2023 03:21:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ts1bgMNIj92Bu1hMnp0KdNQNtJfb/mBr/5FkKevtPXSiL8kpiiPNyBq2Fp5chH1Vk3AcUtOZLcl13lDGs974SA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
style.min.css
gfieldmoney.com/wp/wp-includes/css/dist/block-library/
102 KB
102 KB
XHR
General
Full URL
https://gfieldmoney.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-c14072f7c64a5cd9----1701832862293
traceparent
00-85eddd39e5922148e98a171fc6144b00-c14072f7c64a5cd9-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6ImMxNDA3MmY3YzY0YTVjZDkiLCJ0ciI6Ijg1ZWRkZDM5ZTU5MjIxNDhlOThhMTcxZmM2MTQ0YjAwIiwidGkiOjE3MDE4MzI4NjIyOTN9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
104484
content-type
text/css; charset=utf-8
styles.css
gfieldmoney.com/app/plugins/contact-form-7/includes/css/
3 KB
3 KB
XHR
General
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-19a8ca53799cb20f----1701832862294
traceparent
00-ae25a70071f604a871762dc3e4f07700-19a8ca53799cb20f-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjE5YThjYTUzNzk5Y2IyMGYiLCJ0ciI6ImFlMjVhNzAwNzFmNjA0YTg3MTc2MmRjM2U0ZjA3NzAwIiwidGkiOjE3MDE4MzI4NjIyOTR9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2859
content-type
text/css; charset=utf-8
comments.css
gfieldmoney.com/app/plugins/wp-discourse/css/
3 KB
3 KB
XHR
General
Full URL
https://gfieldmoney.com/app/plugins/wp-discourse/css/comments.css?ver=1671823930
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-47556b0c424cfb7d----1701832862299
traceparent
00-ef0bb8b9568e493a8c654406795a5f00-47556b0c424cfb7d-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjQ3NTU2YjBjNDI0Y2ZiN2QiLCJ0ciI6ImVmMGJiOGI5NTY4ZTQ5M2E4YzY1NDQwNjc5NWE1ZjAwIiwidGkiOjE3MDE4MzI4NjIyOTl9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2836
content-type
text/css; charset=utf-8
jquery.lazyloadxt.spinner.css
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/
311 B
336 B
XHR
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-bb66115d652ec0aa----1701832862299
traceparent
00-ac21e9de51ebc300cc901e5ec0260400-bb66115d652ec0aa-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6ImJiNjYxMTVkNjUyZWMwYWEiLCJ0ciI6ImFjMjFlOWRlNTFlYmMzMDBjYzkwMWU1ZWMwMjYwNDAwIiwidGkiOjE3MDE4MzI4NjIyOTl9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
311
content-type
text/css; charset=utf-8
a3_lazy_load.min.css
gfieldmoney.com/app/uploads/sass/
130 B
155 B
XHR
General
Full URL
https://gfieldmoney.com/app/uploads/sass/a3_lazy_load.min.css?ver=1561556818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-cdcb6f4907b04948----1701832862300
traceparent
00-01ef2a8ab1e8b8b9037523383a703300-cdcb6f4907b04948-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6ImNkY2I2ZjQ5MDdiMDQ5NDgiLCJ0ciI6IjAxZWYyYThhYjFlOGI4YjkwMzc1MjMzODNhNzAzMzAwIiwidGkiOjE3MDE4MzI4NjIzMDB9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
130
content-type
text/css; charset=utf-8
main.dd52339edb0f439ecb10.css
gfieldmoney.com/app/themes/packhacker/dist/
312 KB
313 KB
XHR
General
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-e0c13b8043322d72----1701832862301
traceparent
00-8e69da4df6bded41cdce39966edcdf00-e0c13b8043322d72-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6ImUwYzEzYjgwNDMzMjJkNzIiLCJ0ciI6IjhlNjlkYTRkZjZiZGVkNDFjZGNlMzk5NjZlZGNkZjAwIiwidGkiOjE3MDE4MzI4NjIzMDF9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
319995
content-type
text/css; charset=utf-8
mlw2neq.css
use.typekit.net/
3 KB
995 B
XHR
General
Full URL
https://use.typekit.net/mlw2neq.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
772
icon
fonts.googleapis.com/
569 B
775 B
XHR
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Dec 2023 03:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 03:21:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Dec 2023 03:21:02 GMT
matador-transit30-2.0-in-use-detroit-2.jpg
cdn.packhacker.com/2019/01/
10 KB
10 KB
Image
General
Full URL
https://cdn.packhacker.com/2019/01/matador-transit30-2.0-in-use-detroit-2.jpg?w=0.5&fit=crop&crop=entropy&px=16&blur=600&auto=format
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b1edc627a8fa70c40e757823ca7305c37a02abefbac590bbcc343fd64ce0f6b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
419196
x-cache
HIT, HIT
x-imgix-id
a0bf992d7fc699f4cd7f97879137550c491942fb
cross-origin-resource-policy
cross-origin
content-length
9729
x-served-by
cache-sjc10052-SJC, cache-qpg1221-QPG
x-imgix-render-farm
01.140328
last-modified
Fri, 01 Dec 2023 06:54:26 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
matador-transit30-2.0-details.jpg
cdn.packhacker.com/2019/01/
8 KB
8 KB
Image
General
Full URL
https://cdn.packhacker.com/2019/01/matador-transit30-2.0-details.jpg?w=0.5&fit=crop&crop=entropy&px=16&blur=600&auto=format
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
94256c5e6cae82ac1afd01e30f2c3efbf5732106d70fc6f59e5d8e607be4083e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
1143862
x-cache
HIT, HIT
x-imgix-id
1c65a71040e6c97d5056de9acf1b46cb3607deae
cross-origin-resource-policy
cross-origin
content-length
8256
x-served-by
cache-sjc10079-SJC, cache-qpg1221-QPG
x-imgix-render-farm
01.140328
last-modified
Wed, 22 Nov 2023 21:36:39 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
matador-transit30-2.0-in-use-detroit-button.jpg
cdn.packhacker.com/2019/01/
10 KB
10 KB
Image
General
Full URL
https://cdn.packhacker.com/2019/01/matador-transit30-2.0-in-use-detroit-button.jpg?w=0.5&fit=crop&crop=entropy&px=16&blur=600&auto=format
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
65509c79d0f33cbe29beddad49e831982dc5678905fc352e92244b1ff3674652
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
113333
x-cache
HIT, MISS
x-imgix-id
bcc90636a326853819e8c11ade3872ce7fb240e6
cross-origin-resource-policy
cross-origin
content-length
9813
x-served-by
cache-sjc10081-SJC, cache-qpg1221-QPG
x-imgix-render-farm
01.140328
last-modified
Mon, 04 Dec 2023 19:52:09 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
matador-transit30-2.0-in-use-detroit-3.jpg
cdn.packhacker.com/2019/01/
8 KB
8 KB
Image
General
Full URL
https://cdn.packhacker.com/2019/01/matador-transit30-2.0-in-use-detroit-3.jpg?w=0.5&fit=crop&crop=entropy&px=16&blur=600&auto=format
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3d6ad5d824553790eb481f692dc407d88b5a6ddafbb319d90293a7543b0ddb68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
1720891
x-cache
HIT, HIT
x-imgix-id
4bc4e294d983fde10780a0e01a42fe10b8e8242d
cross-origin-resource-policy
cross-origin
content-length
8428
x-served-by
cache-sjc10038-SJC, cache-qpg1221-QPG
x-imgix-render-farm
01.140328
last-modified
Thu, 16 Nov 2023 05:19:30 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
matador-transit30-2.0-in-use-detroit-4.jpg
cdn.packhacker.com/2019/01/
8 KB
8 KB
Image
General
Full URL
https://cdn.packhacker.com/2019/01/matador-transit30-2.0-in-use-detroit-4.jpg?w=0.5&fit=crop&crop=entropy&px=16&blur=600&auto=format
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
159c7c68f316adca7da499cc642915e8b007665d012d31ef109b47d77d12181a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
1501948
x-cache
HIT, HIT
x-imgix-id
db0ae8d10d1737804c59f7c2db346d165329aaab
cross-origin-resource-policy
cross-origin
content-length
8407
x-served-by
cache-sjc10074-SJC, cache-qpg1221-QPG
x-imgix-render-farm
02.139816
last-modified
Sat, 18 Nov 2023 18:08:33 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
tom-avi-pack-hacker.jpg
cdn.packhacker.com/2018/05/
454 B
712 B
Image
General
Full URL
https://cdn.packhacker.com/2018/05/tom-avi-pack-hacker.jpg?auto=compress&auto=format&w=150&h=150&fit=crop?w=0.5&fit=crop&crop=entropy&px=16&blur=600&auto=format
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:48::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1e9a7e37cc4b24fc950faf35c5a2964d4ca1c70baf5c90902e37c65bc113427f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
age
1796767
x-cache
HIT, HIT
x-imgix-id
9290adc5233b6435ec6e11624747a82241aa87d7
cross-origin-resource-policy
cross-origin
content-length
454
x-served-by
cache-sjc10034-SJC, cache-qpg1221-QPG
x-imgix-render-farm
01.140328
last-modified
Wed, 15 Nov 2023 08:14:54 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
maxresdefault.jpg
i.ytimg.com/vi/-UrblOSv38k/
0
0

style.min.css
gfieldmoney.com/wp/wp-includes/css/dist/block-library/
102 KB
102 KB
XHR
General
Full URL
https://gfieldmoney.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-983b250d09710c56----1701832862329
traceparent
00-a769158c81df6731b07f813855ce0900-983b250d09710c56-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6Ijk4M2IyNTBkMDk3MTBjNTYiLCJ0ciI6ImE3NjkxNThjODFkZjY3MzFiMDdmODEzODU1Y2UwOTAwIiwidGkiOjE3MDE4MzI4NjIzMjl9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
104484
content-type
text/css; charset=utf-8
styles.css
gfieldmoney.com/app/plugins/contact-form-7/includes/css/
3 KB
3 KB
XHR
General
Full URL
https://gfieldmoney.com/app/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-1f06c0c29820aa89----1701832862329
traceparent
00-5c15cd6538016eda825588a2ffc38300-1f06c0c29820aa89-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjFmMDZjMGMyOTgyMGFhODkiLCJ0ciI6IjVjMTVjZDY1MzgwMTZlZGE4MjU1ODhhMmZmYzM4MzAwIiwidGkiOjE3MDE4MzI4NjIzMjl9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2859
content-type
text/css; charset=utf-8
comments.css
gfieldmoney.com/app/plugins/wp-discourse/css/
3 KB
3 KB
XHR
General
Full URL
https://gfieldmoney.com/app/plugins/wp-discourse/css/comments.css?ver=1671823930
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-8d6c8ba46fd84cc4----1701832862330
traceparent
00-8d294f1a356b15a6edea0d65757d3300-8d6c8ba46fd84cc4-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjhkNmM4YmE0NmZkODRjYzQiLCJ0ciI6IjhkMjk0ZjFhMzU2YjE1YTZlZGVhMGQ2NTc1N2QzMzAwIiwidGkiOjE3MDE4MzI4NjIzMzB9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
2836
content-type
text/css; charset=utf-8
jquery.lazyloadxt.spinner.css
gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/
311 B
336 B
XHR
General
Full URL
https://gfieldmoney.com/app/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-7b8a911893d8594b----1701832862331
traceparent
00-b8887372345e1d0099ce2fc95f8b9400-7b8a911893d8594b-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjdiOGE5MTE4OTNkODU5NGIiLCJ0ciI6ImI4ODg3MzcyMzQ1ZTFkMDA5OWNlMmZjOTVmOGI5NDAwIiwidGkiOjE3MDE4MzI4NjIzMzF9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
311
content-type
text/css; charset=utf-8
a3_lazy_load.min.css
gfieldmoney.com/app/uploads/sass/
130 B
155 B
XHR
General
Full URL
https://gfieldmoney.com/app/uploads/sass/a3_lazy_load.min.css?ver=1561556818
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-8425b5d039802974----1701832862331
traceparent
00-f4672ff8e7925960f3924c732c98eb00-8425b5d039802974-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6Ijg0MjViNWQwMzk4MDI5NzQiLCJ0ciI6ImY0NjcyZmY4ZTc5MjU5NjBmMzkyNGM3MzJjOThlYjAwIiwidGkiOjE3MDE4MzI4NjIzMzF9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:59 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
130
content-type
text/css; charset=utf-8
main.dd52339edb0f439ecb10.css
gfieldmoney.com/app/themes/packhacker/dist/
312 KB
313 KB
XHR
General
Full URL
https://gfieldmoney.com/app/themes/packhacker/dist/main.dd52339edb0f439ecb10.css?ver=6.3.1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.232.115 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.0 /
Resource Hash
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0

Request headers

X-NewRelic-ID
VgUCU15QCRABVFRUAQIPUlEG
Referer
tracestate
2352831@nr=0-1-2352831-1120222496-148da2d56d84dbc1----1701832862332
traceparent
00-a3f991c8812840d79e23b1b9b8a06e00-148da2d56d84dbc1-01
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjIzNTI4MzEiLCJhcCI6IjExMjAyMjI0OTYiLCJpZCI6IjE0OGRhMmQ1NmQ4NGRiYzEiLCJ0ciI6ImEzZjk5MWM4ODEyODQwZDc5ZTIzYjFiOWI4YTA2ZTAwIiwidGkiOjE3MDE4MzI4NjIzMzJ9fQ==

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
last-modified
Sat, 02 Dec 2023 18:56:27 GMT
server
nginx/1.17.0
accept-ranges
bytes
content-length
319995
content-type
text/css; charset=utf-8
mlw2neq.css
use.typekit.net/
3 KB
995 B
XHR
General
Full URL
https://use.typekit.net/mlw2neq.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8cb9 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
nginx /
Resource Hash
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 06 Dec 2023 03:21:02 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
772
icon
fonts.googleapis.com/
569 B
366 B
XHR
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Dec 2023 03:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 03:21:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Dec 2023 03:21:02 GMT
maxresdefault.jpg
i.ytimg.com/vi/-UrblOSv38k/
249 KB
250 KB
Image
General
Full URL
https://i.ytimg.com/vi/-UrblOSv38k/maxresdefault.jpg
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::77 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e9f00469400af5fe895c45dcb2702cd90f85cd4817c7eabd97689a76753833e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gfieldmoney.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255075
x-xss-protection
0
server
sffe
etag
"1544545984"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 06 Dec 2023 05:21:02 GMT
truncated
/
487 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5632d6922f4a7d1bc81da245da6f013de7096d012675ae4927e96ceea1b8164a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
849021339931776
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/849021339931776?v=2.9.138&r=stable&domain=gfieldmoney.com
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc64894efbd3ac1933c5b3d8b99f68e7bb2bca8dbcf74ad7c7e309fdc41a5c68
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 06 Dec 2023 03:21:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
JPJBQdgTmME7F0m1kEimmhgz6Bangum0rphefhEBIGm/LfMUz8ilO8OKc2LruZjx+xPj38le3BZO7sHxHSyj6Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=849021339931776&ev=PageView&dl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&rl=&if=false&ts=1701832862787&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701832862786.2095198718&ler=empty&it=1701832862461&coo=false&rqm=GET
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 06 Dec 2023 03:21:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
nr-spa-1.248.0.min.js
js-agent.newrelic.com/
87 KB
29 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.248.0.min.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
Origin
https://gfieldmoney.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
WdicPIzDGJD8og5dR8sXZo1iUf3RkEzi
content-encoding
br
via
1.1 varnish
date
Wed, 06 Dec 2023 03:21:02 GMT
strict-transport-security
max-age=300
x-amz-request-id
YXBB5PAD9RGW8F3G
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29446
x-amz-id-2
Dy0jdXMi6Vw40/YCkSS29JfK5fMT/vc8gtVdm1LpGEVjEsHrs/NFZmSoWrmBdTghyqFW8fOkr9U=
x-served-by
cache-qpg1223-QPG
last-modified
Thu, 16 Nov 2023 17:54:54 GMT
server
AmazonS3
x-timer
S1701832863.830381,VS0,VE0
etag
"9aea0ff91a800a354637269e96e31dac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
2844289
d9f96d0186
bam.nr-data.net/1/
40 B
395 B
XHR
General
Full URL
https://bam.nr-data.net/1/d9f96d0186?a=1056638457&v=1.248.0&to=NgZRbRZUXERYAUZeCQ9MZksNGltZXQdKGRYJEw%3D%3D&rst=3076&ck=0&s=ddebcef94fd05144&ref=https://gfieldmoney.com/travel-gear/matador/transit30-2-0&af=err,xhr,stn,ins,spa&ap=6&be=1661&fe=28&dc=26&at=GkFSG15OT0o%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1701832859779,%22n%22:0,%22f%22:591,%22dn%22:761,%22dne%22:761,%22c%22:761,%22s%22:765,%22ce%22:772,%22rq%22:772,%22rp%22:1661,%22rpe%22:1662,%22di%22:1687,%22ds%22:1687,%22de%22:1687,%22dc%22:1688,%22l%22:1688,%22le%22:1689%7D,%22navigation%22:%7B%7D%7D&fp=1693&fcp=2184
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-qpg1245-QPG
i.html
ads.adthrive.com/builds/core/19998d0/html/ Frame 23DF
3 KB
1 KB
Document
General
Full URL
https://ads.adthrive.com/builds/core/19998d0/html/i.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50279807da7663e6143156926fd8ca89d7e6dfdc98320ae5a2751dcdb910e7dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
2836
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 06 Dec 2023 03:20:00 GMT
etag
W/"63c161ccf2bd2f7a6682bae21c10e5be"
last-modified
Tue, 05 Dec 2023 17:54:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
x-amz-cf-id
SPzap92tpxxqYcRl1lToZcusctHrtBiM7OOFLUst-eebluV8A2erZQ==
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
v6Yrqyg_acXjgAihGxFb18xoqwfPfgva
x-cache
Hit from cloudfront
rnf.html
ads.adthrive.com/builds/core/19998d0/html/ Frame 47E5
6 KB
3 KB
Document
General
Full URL
https://ads.adthrive.com/builds/core/19998d0/html/rnf.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e4e5bc4fd94e7a563fb8e5e985e9d756db4fcd1dbd5ca50bc79b26daaf1a9fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
1235
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 06 Dec 2023 03:20:00 GMT
etag
W/"bb10152399c150ba0b254cc74d5f9425"
last-modified
Tue, 05 Dec 2023 17:54:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
x-amz-cf-id
FyMF4sSMiIOG5to-Z1oH76pLH8BAMWnzCcFrnC4RESfQXBd4DChz6g==
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
tkAmSHhRNrWkzNHIKriQdpDchviXVRkV
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/19998d0/vendor/prebid/es2018/
606 KB
160 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/19998d0/vendor/prebid/es2018/prebid.min.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09800294edfb86dd8c2e55df303183f7907663282a42f84a4f621fa71190adb1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
CToqbThZw8xJCrz9O1a0nWOMav6uAoXR
content-encoding
br
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
date
Wed, 06 Dec 2023 03:02:41 GMT
last-modified
Tue, 05 Dec 2023 17:54:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
1234
x-amz-server-side-encryption
AES256
etag
W/"84983b9929fcdba98e454a9b006afa58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
7W18BOetQOQuCWEMZSxMEsUG6ZFlkVzH2-fpQ7bhSxc82jOq8D90zA==
apstag.js
c.amazon-adsystem.com/aax2/
270 KB
66 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.154.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-154-155.hkg54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:13:11 GMT
content-encoding
gzip
via
1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront), 1.1 137981e5b30a92372048b789c8ef0c66.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, HKG54-C1
age
473
x-amz-server-side-encryption
AES256
etag
W/"ccfaf15c322e197d2e6d0d6bd5642adc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
JIqWo-EQk7BzfPNrgiTS4U6bUBRpbaBxu8mEh2QcYY5ILsRRFpA_cw==
gpt.js
securepubads.g.doubleclick.net/tag/js/
91 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85119760d1f8a95542f5707fd9bd9cc61163493a2c05a0a97ba8d90992f663b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29903
x-xss-protection
0
server
cafe
etag
286 / 19697 / 31079946 / config-hash: 3440202233105863466
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 03:21:02 GMT
event
logger.adthrive.com/
21 B
476 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=MarmaladeBootstrap%3A%3AmarmaladeResponseLoaded&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
-rcFoyZYORtN9el7ukuXQ26uy3NR6OMX2lXdBHilxiyL6KmU_sDiJw==
event
logger.adthrive.com/
21 B
481 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=RecencyAndFrequencyIFrameManager%3A%3ArecencyFrequencyIframeAdded%20Found%201%20data%20elements&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
O3M1TaP2RuU-IoLnkBuwvT-XcOqq4DWRpCocGBuyuTUqKr3sQuwkVA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.154.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-154-155.hkg54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d45e7d7d8103c27c11136d671059c638.cloudfront.net (CloudFront)
x-amz-cf-pop
HKG54-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
i-qkihTQ6O9Jq9k_c0mYXMJ3TPDoO-hXzB6IwUSEu8ACB5OiJ1NQYA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079946
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 11:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56668
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138089
x-xss-protection
0
server
cafe
etag
6648938400208870771
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Dec 2024 11:36:35 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
75 B
79 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gfieldmoney.com
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11ccbc0a47ce6ce0995f423ed5d57f0d3674f15ab0b9df147ea39e6122d0b11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55
x-xss-protection
0
expires
Wed, 06 Dec 2023 03:21:03 GMT
zul2AaSz
cdn.jwplayer.com/v2/playlists/
156 KB
15 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/zul2AaSz?max_resolution=1280
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:2800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
131ea1ac0fa68e312d3dae5f45b743d4c544aae770fcbc91d3b887626d080e57

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
14484
x-amz-cf-id
B5jzi8hFW3bQLNy-d1NRefTyXL8JnumQ2mJth9N-3gb21BJctlkfeQ==
expires
Wed, 06 Dec 2023 03:24:04
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgfieldmoney.com%2F&domain=gfieldmoney.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 06 Dec 2023 03:21:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
213465
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
beacon.js
sb.scorecardresearch.com/
10 KB
4 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-36.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 12:41:01 GMT
content-encoding
gzip
via
1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 11:54:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
52802
x-amz-server-side-encryption
AES256
etag
W/"96bc3a581f40e4dbb6739b063c8dcb9b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
xMhgXDYCxbBM8CeDjms9GsCoXR-sD0u9PIR_ZQaA009iRMMj1OY2Mg==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/
306 KB
64 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df4ce40d9a7ffbf31d8e8dacf191836f8ce7553e9819921fb087ac59ecbf516

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Dec 2023 10:14:48 GMT
server
cloudflare
x-amz-request-id
P1EH7TP854AQ6943
age
158
etag
W/"8c843e01ec6b6c270454b178a5cdde69"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
831165878d3089a6-SIN
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AX2AQwSmKUxBBdYX2opplwTauESTvckTOQgNzDniDNJ7M2rPsxKmXbyLBdEYChu2NjUGAgdsOjj2GgZAveZVsbSJgScOWzW5kBIGRM7Fmwo=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/
273 KB
34 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-107.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f13cdbf91c29d4b2370068222179233633d7922313fbe315ff2ed2b0c1fc1e0e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 21:44:43 GMT
x-amz-version-id
OqAxgyZ5SvrtTnWsEK5nr4rey5Kh.3hL
content-encoding
gzip
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
20181
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Mon, 23 Oct 2023 20:37:41 GMT
server
AmazonS3
etag
W/"51e5766ceaa2422d0288fec39e4fde2a"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
r-LITkmu7QFh2wFB4zZGhHlpakIdWQ_spzYKurK1aMa0FPO0IY8RXA==
fed
ups.analytics.yahoo.com/ups/58404/
0
362 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58404/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://gfieldmoney.com/travel-gear/matador/transit30-2-0&pixelId=58404
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://gfieldmoney.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgfieldmoney.com%2F&domain=gfieldmoney.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Wm2H1XxFQ2FRQzNiV0tUT3lubGFqVkVXUVFhbE1qVURjb3cvd0N3VUgvZ01WeWJBR0VlR2xvVzhUUkdQTnNzNzRYSXlESGRBYzRpVGpQNUF3d1JVUFNwMVNyU2ZBTlBqVUdVS0M3N01XcVRjVXN4aGt6aEROME1pZHJ6ak...
357 B
663 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Wm2H1XxFQ2FRQzNiV0tUT3lubGFqVkVXUVFhbE1qVURjb3cvd0N3VUgvZ01WeWJBR0VlR2xvVzhUUkdQTnNzNzRYSXlESGRBYzRpVGpQNUF3d1JVUFNwMVNyU2ZBTlBqVUdVS0M3N01XcVRjVXN4aGt6aEROME1pZHJ6akk3NjJieFowSmVTNUhKeTA5Tit3N1JReXN5ZXdUVWVnMFlmdmVoNktjZ0JsTEt1allSVGhwNFRMbkJoS244OEc4Ymd2WVcxcVFTTUNxeTFjbWxZdEx0UC9jcGMzVlYyZnpUcFJmeUZWbGdmNjBXaHB5U1dJPXw&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1b49fbe7186dca142ac34d0f4261ac34b78e676f7a479438d3fc80a70f87a8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
443631
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://gfieldmoney.com
location
https://mug.criteo.com/sid?cpp=Wm2H1XxFQ2FRQzNiV0tUT3lubGFqVkVXUVFhbE1qVURjb3cvd0N3VUgvZ01WeWJBR0VlR2xvVzhUUkdQTnNzNzRYSXlESGRBYzRpVGpQNUF3d1JVUFNwMVNyU2ZBTlBqVUdVS0M3N01XcVRjVXN4aGt6aEROME1pZHJ6akk3NjJieFowSmVTNUhKeTA5Tit3N1JReXN5ZXdUVWVnMFlmdmVoNktjZ0JsTEt1allSVGhwNFRMbkJoS244OEc4Ymd2WVcxcVFTTUNxeTFjbWxZdEx0UC9jcGMzVlYyZnpUcFJmeUZWbGdmNjBXaHB5U1dJPXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
275878
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/
0
0

/
prebid.sv.rkdms.com/identity/
15 B
287 B
XHR
General
Full URL
https://prebid.sv.rkdms.com/identity/?sv_domain=gfieldmoney.com&sv_pubid=9262&ssp_ids=534404531
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.53.40.127 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-40-127.us-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
4b82e5c4363493733c9b4923a0de07058c40ce15e093727e4db91f106f31d754

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
15
vary
Accept-Encoding
content-type
application/json
rid
match.adsrvr.org/track/
108 B
564 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f859d204dbc258b8ca1d025a137b200cc214324b047c5e3caa2451211d016b2f

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 05 Jan 2024 03:21:03 GMT
f
fid.agkn.com/
151 B
686 B
XHR
General
Full URL
https://fid.agkn.com/f?apiKey=2215608639&r=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.209.183.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-183-148.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
a91eb43e6064dc315c54f3219a0682534db0c8ec61d95eb4766e47940bac6a8e

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
d9core
d9.flashtalking.com/
11 KB
11 KB
Script
General
Full URL
https://d9.flashtalking.com/d9core
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
28fc1f59f2f76edbaa8a413242078783e7055aa2a1a894ddc0352124e46419ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 03:21:04 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
ETag
5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
d9.flashtalking.com
Content-Type
application/javascript;charset=utf-8
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10814
envelope
lexicon.33across.com/v1/
49 B
250 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001i0fyfAAA&gdpr=0&src=pbjs&ver=8.5.0&coppa=0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
any
idx.liadm.com/idex/unknown/
0
371 B
XHR
General
Full URL
https://idx.liadm.com/idex/unknown/any?duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&resolve=nonId&resolve=uid2&resolve=medianet&resolve=bidswitch&resolve=magnite&resolve=index&resolve=pubmatic
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.17.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-17-205.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
10
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
1aef88820e0a709d
expires
Wed, 06 Dec 2023 04:21:04 GMT
id
id.crwdcntrl.net/
75 B
823 B
XHR
General
Full URL
https://id.crwdcntrl.net/id?c=17297
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.159.219 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-159-219.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
aec0ce914b57456c5566dc76ae9378f0f27f4b65dbad438e32ec2b26775d0f31

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
x-server
10.42.27.17
access-control-allow-credentials
true
content-length
75
expires
0
A9dOLzcW.js
content.jwplatform.com/libraries/
117 KB
43 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/A9dOLzcW.js?version_override=8.30.0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:b200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d44e29a00235ccf2eb4a2a2d4ad81372c67949d848c8607dbf1405440411b2f0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:20:20 GMT
content-encoding
gzip
via
1.1 e458de70cfe2237c659d4e5f2ae84564.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
age
42
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
43791
x-amz-cf-id
omV8IQtQ01qSHJwdMV1lFqc3301nipLNRvh2thBDcvwxCERx_BG9tQ==
event
logger.adthrive.com/
21 B
471 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=BaseDynamicAdsInjector%3A%3A_logDensityInfo&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%7B%22onePerViewport%22%3Afalse%2C%22combinedMax%22%3A9%2C%22targetDensityUnits%22%3A4%2C%22targetDensityPercentage%22%3A0.99%2C%22mainContentHeight%22%3A6207%2C%22recipeCount%22%3A0%2C%22numberOfEls%22%3A4%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%224%4025%22%2C%22flrml1%22%3A%22cm%4010%22%2C%22fto%22%3A%224%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22concert%405%22%2C%22resetdigital%4090%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%2220s%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222700%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%226s%405%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%225.10%4010%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22300%4025%22%2C%22csync_lim%22%3A%220%4025%22%2C%22rpbs%22%3A%22off%4090%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221%4033%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22off%401%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%222100%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22on%4025%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22mgtdtw%22%3A%220%4080%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGYJ9C2S8FZW2KY5GRZM37PC%22%2C%22pvk%22%3A%2201HGYJ9C2S3Q99MGV4DS2PTBNT%22%2C%22hbho%22%3A%5B%2233across%22%2C%22concert%22%2C%22resetdigital%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.47.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
0
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Zdoy9NNfBgJjIsJeAelvzkJ22pvbGr0ctbtrzmt3RTRtdgqdwaD4Pw==
event
logger.adthrive.com/
21 B
473 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=BaseDynamicAdsInjector%3A%3A_logDensityInfo&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%7B%22onePerViewport%22%3Afalse%2C%22combinedMax%22%3A9%2C%22targetDensityUnits%22%3A4%2C%22targetDensityPercentage%22%3A0.99%2C%22mainContentHeight%22%3A6207%2C%22recipeCount%22%3A0%2C%22numberOfEls%22%3A4%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%224%4025%22%2C%22flrml1%22%3A%22cm%4010%22%2C%22fto%22%3A%224%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22concert%405%22%2C%22resetdigital%4090%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%2220s%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222700%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%226s%405%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%225.10%4010%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22300%4025%22%2C%22csync_lim%22%3A%220%4025%22%2C%22rpbs%22%3A%22off%4090%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221%4033%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22off%401%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%222100%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22on%4025%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22mgtdtw%22%3A%220%4080%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGYJ9C2S8FZW2KY5GRZM37PC%22%2C%22pvk%22%3A%2201HGYJ9C2S3Q99MGV4DS2PTBNT%22%2C%22hbho%22%3A%5B%2233across%22%2C%22concert%22%2C%22resetdigital%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.47.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
0
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
3BBOzy1_DKOTivxqZYBcXhpYbdVBHdBtDynsFBhE4ofBfrpK8wkRvg==
ads.min.css
ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/
1 KB
766 B
Stylesheet
General
Full URL
https://ads.adthrive.com/sites/5e0fcd6517a8be5a76a36c71/ads.min.css
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-54.sin52.r.cloudfront.net
Software
CloudFront /
Resource Hash
176e3e9e46d4e9976af862e271cfcea2ec2db8661100c0c2be6318955bd93306

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:01:54 GMT
content-encoding
gzip
via
1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
age
29949
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
452
x-amz-cf-id
FpOCMBSMrpAhu6cDAwOrHfgGZlivPkynujEGMQqO33F1BgXbcyoMaA==
event
logger.adthrive.com/
21 B
471 B
XHR
General
Full URL
https://logger.adthrive.com/event?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=HealthReporter%3A%3Alog&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%7B%22CLSReporter%22%3A%7B%22details%22%3A%5B%7B%22metric%22%3A%22clsType%22%2C%22value%22%3A%22plugin%22%7D%2C%7B%22metric%22%3A%22clsSlots%22%2C%22value%22%3A6%7D%5D%7D%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%224%4025%22%2C%22flrml1%22%3A%22cm%4010%22%2C%22fto%22%3A%224%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22concert%405%22%2C%22resetdigital%4090%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%2220s%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222700%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%226s%405%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%225.10%4010%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22300%4025%22%2C%22csync_lim%22%3A%220%4025%22%2C%22rpbs%22%3A%22off%4090%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221%4033%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22off%401%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%222100%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22on%4025%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22mgtdtw%22%3A%220%4080%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGYJ9C2S8FZW2KY5GRZM37PC%22%2C%22pvk%22%3A%2201HGYJ9C2S3Q99MGV4DS2PTBNT%22%2C%22hbho%22%3A%5B%2233across%22%2C%22concert%22%2C%22resetdigital%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.47.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
0
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
J3WWxGY1iMD1LNEQ67too0VQuakO0LN6oZ5X0-865mtwontExTk3mw==
token
pixel.rubiconproject.com/
0
654 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=49096&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/
537 B
803 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-23.hkg62.r.cloudfront.net
Software
CloudFront /
Resource Hash
2f4ca8e94fd219ef68dd057a0c262b68a52e525edac4d1f8799e761709d7f5b2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 02:44:36 GMT
via
1.1 104ea624e4f70962cafa61b5caab7622.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HKG62-C1
age
2188
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
JHR7_uyxC57UZNVV1wLEvOSSWQ-lSQ84tZTSl6vt1PAcPsaa2hEjNA==
config
c.amazon-adsystem.com/cdn/prod/
762 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgfieldmoney.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.154.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-154-155.hkg54.r.cloudfront.net
Software
Server /
Resource Hash
531197442133e35509840be3ccf5a772fcc0a2f974ab1b4fb9c6fcaf213196b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 137981e5b30a92372048b789c8ef0c66.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HKG54-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
762
x-amz-cf-id
_iLV-dXFzYLxpKGTxk3AZpFS9dT2d4W9EvjEAFnHP8QmPUJSTxvicA==
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/
60 B
367 B
Fetch
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.89.54.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-89-54-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
38a219bf88a26b001555e6e09f53d7a457c9b99696cc8c86020358bb3786a75a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:05 GMT
access-control-allow-credentials
true
content-length
60
vary
Origin
content-type
application/json; charset=utf-8
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.89.54.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-89-54-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
86400
date
Wed, 06 Dec 2023 03:21:04 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Wm2H1XxFQ2FRQzNiV0tUT3lubGFqVkVXUVFhbE1qVURjb3cvd0N3VUgvZ01WeWJBR0VlR2xvVzhUUkdQTnNzNzRYSXlESGRBYzRpVGpQNUF3d1JVUFNwMVNyU2ZBTlBqVUdVS0M3N01XcVRjVXN4aGt6aEROME1pZHJ6akk3NjJieFowSmVTNUhKeTA5Tit3N1JReXN5ZXdUVWVnMFlmdmVoNktjZ0JsTEt1allSVGhwNFRMbkJoS244OEc4Ymd2WVcxcVFTTUNxeTFjbWxZdEx0UC9jcGMzVlYyZnpUcFJmeUZWbGdmNjBXaHB5U1dJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 06 Dec 2023 03:21:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
318606
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
error
logger.adthrive.com/
21 B
480 B
XHR
General
Full URL
https://logger.adthrive.com/error?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=PrebidAuctionManager%3A%3A_logAuctionDebug%20auctionDebug&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%7B%22type%22%3A%22ERROR%22%2C%22arguments%22%3A%7B%220%22%3A%22connectId%20module%3A%20ID%20fetch%20encountered%20an%20error%22%2C%221%22%3A%22%22%7D%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%224%4025%22%2C%22flrml1%22%3A%22cm%4010%22%2C%22fto%22%3A%224%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22concert%405%22%2C%22resetdigital%4090%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%2220s%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222700%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%226s%405%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%225.10%4010%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22300%4025%22%2C%22csync_lim%22%3A%220%4025%22%2C%22rpbs%22%3A%22off%4090%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221%4033%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22off%401%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%222100%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22on%4025%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22mgtdtw%22%3A%220%4080%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGYJ9C2S8FZW2KY5GRZM37PC%22%2C%22pvk%22%3A%2201HGYJ9C2S3Q99MGV4DS2PTBNT%22%2C%22hbho%22%3A%5B%2233across%22%2C%22concert%22%2C%22resetdigital%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.47.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:17:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
1V-tb-2UFMGkXYvVLG4wnbrfDMM01dGafkokwAzh3dYuOd_jrP6Lpw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701832864016&ns_c=UTF-8&cs_cfg=100&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftra...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701832864016&ns_c=UTF-8&cs_cfg=100&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftr...
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701832864016&ns_c=UTF-8&cs_cfg=100&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&c8=Matador%20Transit30%202.0%20Packable%20Duffel%20Review%20%7C%20Pack%20Hacker&c9=
Protocol
H2
Server
13.33.33.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-36.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SIN2-P1
x-amz-cf-id
wyVeoR4_i5c_Es9QKuoGPhHfQZ0GPc9C-LxGrFLEIe961Y0jD6FOLg==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=20567959&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701832864016&ns_c=UTF-8&cs_cfg=100&cs_ucfr=1&c7=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&c8=Matador%20Transit30%202.0%20Packable%20Duffel%20Review%20%7C%20Pack%20Hacker&c9=
content-length
0
x-amz-cf-id
mmSKl79lrzhcgmIMy5ki_2qmet8x0zBJobpzAYy0YZXP6IKVFiV61A==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/
251 KB
77 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
ZA4EF8K4P0GD6GFM
age
455385
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
831165884e1389a6-SIN
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vRLyregVWvX5qml7cKju1iW7Ud8MZ+JcPCyqSDx+NuL8SwFpEKVjnwCO62Y2xD+H9ywwG+w83KHfabCw6dUFcA==
launchpad.bundle.js
launchpad.privacymanager.io/latest/
126 KB
26 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-65.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
RqxhuEqCNd1s7.WeOk9hr4eUawsbzlx2
content-encoding
br
via
1.1 1d57d3cbfc5a5b868b460784e4cd7888.cloudfront.net (CloudFront)
date
Wed, 06 Dec 2023 02:52:21 GMT
last-modified
Thu, 30 Nov 2023 15:24:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
1724
x-amz-server-side-encryption
AES256
etag
W/"2c168941d7d5456860d15b9fc8c8d4e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
w6tCDCFBQ177wuFfyqx0YKf02O8HIc4pwxDo2egi-i1SwjHqk0_q0g==
googima.js
ssl.p.jwpcdn.com/player/v/8.30.0/
74 KB
22 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/googima.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79317f11dcdac37b3a021fd1e7a44aba3d372832c7aa1f6675178ac1d5e6cd48

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 varnish
age
9706
x-cache
HIT
content-length
22441
x-served-by
cache-hkg17934-HKG
last-modified
Mon, 23 Oct 2023 15:56:32 GMT
server
AmazonS3
x-timer
S1701832864.246046,VS0,VE0
etag
"a88261d323c729e1484aaf704131e34f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
1626
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.0/
64 KB
19 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/jwpsrv.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c45c8d7d2e9d3669de7a6c0fd986213fe7286afbf144c717cb0445faa515ae4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 varnish
age
590
x-cache
HIT
content-length
19644
x-served-by
cache-hkg17934-HKG
last-modified
Wed, 01 Nov 2023 21:28:51 GMT
server
AmazonS3
x-timer
S1701832864.245769,VS0,VE0
etag
"6f0ff3b48f406194043122212d1f49a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
127
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.0/
318 KB
83 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/jwplayer.core.controls.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b8419f63bb4186ae86a73a201c75de3a4bbbcc1c2b7910443b02261a4b29174

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 varnish
age
3722157
x-cache
HIT
content-length
85289
x-served-by
cache-hkg17934-HKG
last-modified
Mon, 23 Oct 2023 15:56:26 GMT
server
AmazonS3
x-timer
S1701832864.246135,VS0,VE0
etag
"f71a099576f74e3ec9b82257622dea2c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
152565
zul2AaSz
cdn.jwplayer.com/v2/playlists/
87 KB
12 KB
XHR
General
Full URL
https://cdn.jwplayer.com/v2/playlists/zul2AaSz?max_resolution=1280&page_domain=gfieldmoney.com
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:2800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2e6a78f506f274a2446d95daff9c9d5fcd149b8211bb84a0c99b8fb480d76c0d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
11403
x-amz-cf-id
CIKjftnVGATl5lQq5B4MOLa4iAZvaOgRrGtnUtJP6w7rNupC1P7OsA==
expires
Wed, 06 Dec 2023 03:24:04
bid
aax.amazon-adsystem.com/e/dtb/
64 B
395 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pid=5pv4Gb0cnQrJ7&cb=0&ws=1600x1200&v=23.1129.2055&t=2500&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%22BA_RDTR1%22%2C%22iaba_719%22%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22719%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A4%7D%7D%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
2v4llx1KRWWMNiLkq6jAxc5jeoBdLUIJnaFoZFa_Cc0sWWheEx4Wcg==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
396 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pid=5pv4Gb0cnQrJ7&cb=1&ws=1600x1200&v=23.1129.2055&t=2500&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%22120x240%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F5e0fcd6517a8be5a76a36c71%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%22BA_RDTR1%22%2C%22iaba_719%22%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22719%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A4%7D%7D%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
49x4G83SbmeQcVgy4SXotQmw6xMS1bpPe4RhXBgqHdyos80xbHQ6kQ==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
397 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pid=5pv4Gb0cnQrJ7&cb=2&ws=1600x1200&v=23.1129.2055&t=2500&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_1%2F5e0fcd6517a8be5a76a36c71%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%22BA_RDTR1%22%2C%22iaba_719%22%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22719%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A4%7D%7D%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
3S0k7Av8kGlA2PQg5Ao9CKM-1MAxN3xxbhCJuiaYM7o3_RXKyHhYWQ==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
397 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pid=5pv4Gb0cnQrJ7&cb=3&ws=1600x1200&v=23.1129.2055&t=2500&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_2_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_2%2F5e0fcd6517a8be5a76a36c71%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%22BA_RDTR1%22%2C%22iaba_719%22%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22719%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A4%7D%7D%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
yWfOVyWzZnzvi2caOJ0BfUBI_p3hLjKeKvVoSYZJS_ylLMqXz3ZctQ==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
396 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pid=5pv4Gb0cnQrJ7&cb=4&ws=1600x1200&v=23.1129.2055&t=2500&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_3_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_3%2F5e0fcd6517a8be5a76a36c71%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%22BA_RDTR1%22%2C%22iaba_719%22%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22719%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A4%7D%7D%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
4j8s32y7VL_4_MOnij0u5pkNFC2psoVVLQSgMVF5cRBhYH4tHhPJ3w==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
397 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pid=5pv4Gb0cnQrJ7&cb=5&ws=1600x1200&v=23.1129.2055&t=2500&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_4_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_4%2F5e0fcd6517a8be5a76a36c71%22%7D%5D&pj=%7B%22us_privacy%22%3A%221YNY%22%2C%22adRefresh%22%3A%220%22%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22language%22%3A%22en%22%7D%2C%22cat%22%3A%5B%22IAB20%22%5D%2C%22pagecat%22%3A%5B%22IAB20%22%5D%2C%22privacypolicy%22%3A1%2C%22mobile%22%3A1%2C%22cattax%22%3A1%2C%22ext%22%3A%7B%22data%22%3A%7B%22mcmp%22%3A%5B%22BA_RDTR1%22%2C%22iaba_719%22%5D%2C%22site_code%22%3A%5B%22AFOI_2020%22%2C%22ATZN_2020%22%2C%22EXFP_2020%22%2C%22EXHFCE_2021%22%2C%22GLDM_2021%22%2C%22GLU_2023%22%2C%22HUSA_2023%22%2C%22LBM_LS_2020%22%2C%22MIQWO_2022%22%2C%22MRLOI_22%22%2C%22NSTLE_22%22%2C%22REI_2021%22%2C%22SCPE_2023%22%2C%22TGNAF_21%22%2C%22TRGT_022020%22%2C%22TRVL_2021%22%2C%22TYS_062019%22%2C%22VITFM_21%22%5D%2C%22sens%22%3A%5B%22alc%22%2C%22ast%22%2C%22cbd%22%2C%22dat%22%2C%22gamv%22%2C%22pol%22%2C%22ssr%22%2C%22srh%22%2C%22wtl%22%5D%2C%22site_id%22%3A%5B%225e0fcd6517a8be5a76a36c71%22%5D%2C%22verticals%22%3A%5B%22Travel%22%5D%2C%22pmp_elig%22%3A%5Btrue%5D%7D%7D%7D%2C%22user%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22719%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A4%7D%7D%5D%7D%7D%7D&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.96.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-96-216.sin2.r.cloudfront.net
Software
Server /
Resource Hash
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:03 GMT
via
1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
agw34nsspUyy-gx9vtXJuTELqYQwnCXrkYDKPwpwju0pz5leOsQ9SQ==
error
logger.adthrive.com/
21 B
476 B
XHR
General
Full URL
https://logger.adthrive.com/error?siteId=5e0fcd6517a8be5a76a36c71&siteName=Pack%20Hacker&bucket=prod&branch=19998d0&deployment=stable&message=PrebidAuctionManager%3A%3A_logAuctionDebug%20auctionDebug&pageurl=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&body=%5B%7B%22type%22%3A%22ERROR%22%2C%22arguments%22%3A%7B%220%22%3A%2233acrossId%3A%20Unsuccessful%20response%20Country%20not%20allowed%22%7D%7D%2C%7B%22abgroup%22%3A%7B%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22off%4075%22%2C%22mto%22%3A%224%4025%22%2C%22flrml1%22%3A%22cm%4010%22%2C%22fto%22%3A%224%4025%22%2C%22allbho%22%3A%5B%22off%400%22%5D%2C%22loglev%22%3A%22off%4099%22%2C%22hbho%22%3A%5B%2233across%4025%22%2C%22concert%405%22%2C%22resetdigital%4090%22%5D%2C%22optd%22%3A%22off%40100%22%2C%22idho%22%3A%5B%22FTrackId%22%5D%2C%22pbs2s%22%3A%5B%2233across%40100%22%2C%22conversant%40100%22%2C%22improve_ss%40100%22%2C%22pubm_ss%40100%22%2C%22resetdigital%40100%22%2C%22under_ss%40100%22%2C%22unruly%40100%22%2C%22yieldmo%40100%22%2C%22adform%40100%22%5D%2C%22adt2%22%3A%22500%4085%22%2C%22s2sparam%22%3A%22on%4099%22%2C%22multirefauc%22%3A%2220s%4010%22%2C%22coldr%22%3A%22both%40100%22%2C%22krgodr%22%3A%22client%4095%22%2C%22opnxdr%22%3A%22both%4098%22%2C%22magnitedr%22%3A%22both%4098%22%2C%22tripleliftdr%22%3A%22both%4098%22%2C%22yahoodr1%22%3A%22both%4098%22%2C%22ito_ds%22%3A%222700%4015%22%2C%223pho%22%3A%22none%4095%22%2C%22vbho%22%3A%5B%22resetdigital%4090%22%2C%2233across%40100%22%5D%2C%22optv%22%3A%22off%40100%22%2C%22cbt%22%3A%226s%405%22%2C%22vasttoisv%22%3A%2215s%4060%22%2C%22vasttoosv%22%3A%225s%4060%22%2C%22proto%22%3A%22all%4055%22%2C%22pbm%22%3A%22on%22%2C%22addur%22%3A%22off%4097%22%2C%22adlifecyc%22%3A%22off%4090%22%2C%22reqTo%22%3A%2215%4060%22%2C%22vadv%22%3A%22on%22%2C%22osp%22%3A%222%40100%22%2C%22dofre%22%3A%22off%4099%22%2C%22soblp%22%3A%22off%4095%22%2C%22csp%22%3A%22on%40100%22%2C%22vmaxdur%22%3A%2230%4098%22%2C%22jwpv%22%3A%228.30.0%4099%22%2C%22smhd100%22%3A%22off%22%2C%22conmax99%22%3A%22off%22%2C%22dcsll_ss2%22%3A%225.10%4010%22%2C%22ainv2%22%3A%221000%40100%22%2C%22scre%22%3A%22on%22%2C%22pbsflr1%22%3A%22off%4095%22%2C%22s2sbuff%22%3A%22300%4025%22%2C%22csync_lim%22%3A%220%4025%22%2C%22rpbs%22%3A%22off%4090%22%2C%22rmos1%22%3A%22off%4099%22%2C%22socon%22%3A%221%4033%22%2C%22rtbf%22%3A%22on%40100%22%2C%22dco%22%3A%22relaxed%40100%22%2C%22dajto%22%3A%22on%40100%22%2C%22jwb%22%3A%22on%4095%22%2C%22fldg%22%3A%22on%4050%22%2C%22vpred_1%22%3A%220.9%4096%22%2C%22crtvmon%22%3A%22off%4090%22%2C%22oxli%22%3A%22off%40100%22%2C%22pba%22%3A%22none%4099%22%2C%22amzn_hold_disp%22%3A%22off%4050%22%2C%22addens%22%3A%22off%4075%22%2C%22bmetrics%22%3A%22off%401%22%2C%22spa%22%3A%22off%400%22%2C%22fcp%22%3A%22topLeft%40100%22%2C%22confiant1%22%3A%22off%4090%22%2C%22scae%22%3A%22on%22%2C%22essa%22%3A%22on%22%2C%22dssmh%22%3A%222100%4010%22%2C%22dssc%22%3A%2225%4025%22%2C%22rrc%22%3A%22off%22%2C%22refsoflr%22%3A%220%4080%22%2C%22ssff%22%3A%22on%40100%22%2C%22jtte%22%3A%22on%40100%22%2C%22logcls%22%3A%22off%4090%22%2C%22mgncrbn%22%3A%22on%4025%22%2C%22nlsentrckr%22%3A%22off%40100%22%2C%22rebuildslot%22%3A%22on%4095%22%2C%22sre%22%3A%22off%40100%22%2C%22upl%22%3A%22off%4075%22%2C%22datapriv%22%3A%22off%4090%22%2C%22vcsu%22%3A%22on%40100%22%2C%22ssau%22%3A%22off%40100%22%2C%22pale%22%3A%22off%4099%22%2C%22dsle%22%3A%5B%22Continuing%20without%20bids%4099%22%2C%22xhr%20timeout%20after%4099%22%5D%2C%22mgtdtw%22%3A%220%4080%22%7D%2C%22pubab%22%3A%7B%7D%2C%22sess%22%3A%2201HGYJ9C2S8FZW2KY5GRZM37PC%22%2C%22pvk%22%3A%2201HGYJ9C2S3Q99MGV4DS2PTBNT%22%2C%22hbho%22%3A%5B%2233across%22%2C%22concert%22%2C%22resetdigital%22%5D%2C%22vbho%22%3A%5B%22resetdigital%22%2C%2233across%22%5D%2C%22spa%22%3Afalse%2C%22lmdv%22%3A%221.47.0%22%2C%22clsBranch%22%3A%223fe49da%22%2C%22clsBucket%22%3A%22prod%22%7D%5D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-68.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 16:17:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
content-length
21
x-amz-cf-id
3OllDACSqNd2zCxDOUQWR23U8p9ZAhNrtr8pYYrWEIHQBP7owgeRYg==
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-13.cdg50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 38f98563ce0383d146e2eef6f867b714.cloudfront.net (CloudFront), 1.1 a5a1b1bd5c5ec5b1378fad5d0770b5e0.cloudfront.net (CloudFront)
x-amz-apigw-id
PgFJNEpjjoEEkNw=
x-amz-cf-id
jrssKEVlAQPs388v40omKRtDv5s34pnZnQr9aVEagrNeMefKbshF3g==
x-amz-cf-pop
CDG50-C1 CDG50-P2
x-amzn-requestid
a2691722-6884-4eb4-b74f-0c19299705e4
x-cache
Miss from cloudfront
/
geo.privacymanager.io/
28 B
615 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-13.cdg50.r.cloudfront.net
Software
/
Resource Hash
9b421b9b77fb6b30849932d7538f2f051debd7d5c8c36dd9521f8e65a32df895

Request headers

Accept
application/json
Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 17:30:04 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront), 1.1 a5a1b1bd5c5ec5b1378fad5d0770b5e0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, CDG50-P2
age
35461
x-amzn-requestid
116a214c-25c5-4558-ba1a-eb756e74416d
x-amzn-trace-id
Root=1-656f5e1c-4ad087167fac93626dbbdcd2;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PeukdExGjoEEbng=
content-length
28
x-amz-cf-id
YHplsgPHqxBk_DPVLNA4f7Co4S6dELhodg5riyQT7gip_RdA5b4T_Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
lgc
d9.flashtalking.com/
162 B
769 B
XHR
General
Full URL
https://d9.flashtalking.com/lgc
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
32a919ee73aad66bc1e66d70580d66ae49a41230bb00c685d50e1fea8dc972e1

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 06 Dec 2023 03:21:03 GMT
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods
GET,POST,SERVER
P3P
policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin
https://gfieldmoney.com
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
162
AyDnpDc8EequjhbLYD__cQ.json
entitlements.jwplayer.com/
70 B
249 B
XHR
General
Full URL
https://entitlements.jwplayer.com/AyDnpDc8EequjhbLYD__cQ.json
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.62.252 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (hkc/BD10) /
Resource Hash
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 02:57:37 GMT
server
ECAcc (hkc/BD10)
age
1407
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=9840
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/
365 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd5b60ffc3ca0727647beaa306e807665623255c6aefc7ec3ce78bde5af14621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128283
x-xss-protection
0
expires
Wed, 06 Dec 2023 03:21:04 GMT
img.png
d9.flashtalking.com/img/
70 B
326 B
Image
General
Full URL
https://d9.flashtalking.com/img/img.png?cnx=cd5b12c2cc1b8a1b480e47b8ebc87e1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software
Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 03:21:03 GMT
Access-Control-Allow-Credentials
true
Server
Apache/2.4.56 () OpenSSL/1.0.2k-fips
Connection
keep-alive
Content-Length
70
Access-Control-Allow-Methods
GET,POST,SERVER
Content-Type
image/png
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1701832864421&se=e30&duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&wpn=prebid
  • https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&dtstmp=1701832864421&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&i6=Mj...
13 B
319 B
XHR
General
Full URL
https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&dtstmp=1701832864421&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&i6=MjAwMTpkZjE6ODAwOmEwMGE6MTI6Ojk%3D
Protocol
H2
Server
3.215.46.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-46-21.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
x-pixel-event-id
ba0df7c6-1ef6-49eb-adc4-a79e9679fdcf
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474&dtstmp=1701832864421&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&i6=MjAwMTpkZjE6ODAwOmEwMGE6MTI6Ojk%3D
access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:05 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
id5-api.js
cdn.id5-sync.com/api/1.0/
151 KB
33 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Nov 2023 11:19:25 GMT
server
cloudflare
x-amz-request-id
QCE15SSPNVR0Z3YA
age
2147
etag
W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8311658b083d9fb3-SIN
x-amz-id-2
pPsR7gtUbiYzwsiydf4fK8DJW7pvdlVpWfOPSt/bm47LZfCYbzj/GEQbGNjjWK+mNb8BiJ+H/cPQ1PlqYKnOmg==
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.0/
413 KB
123 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/provider.hlsjs.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ee7830c5b6fcf588dd338e19cc0f305f8f2fd07d6189f09aa70748023d1ca08

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 varnish
age
3722158
x-cache
HIT
content-length
126154
x-served-by
cache-hkg17934-HKG
last-modified
Mon, 23 Oct 2023 15:56:29 GMT
server
AmazonS3
x-timer
S1701832865.604964,VS0,VE0
etag
"ac8db5646766d8df3efbd6f48ef054bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
133439
N7dniXtO-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/N7dniXtO-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.vtt
5 KB
1 KB
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.vtt
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6965a81caab08d9527ee2ec7eb81d60e709e308517f5873e2d30ed8b5fa1357

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
42
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
966
x-served-by
cache-iad-kiad7000050-IAD, cache-qpg1228-QPG
last-modified
Thu, 08 Jun 2023 13:22:05 GMT
server
nginx
x-timer
S1701832865.793057,VS0,VE240
etag
"cd8e8b31817fd28484fa85cfabdd267b"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
94454, 1283

Redirect headers

date
Wed, 06 Dec 2023 03:20:22 GMT
via
1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
age
42
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
ArROxu2WGdjnWyQ9AaHRqIIuTsAuJocKcGw1CspLcjpEUihkq4gBqQ==
related.js
ssl.p.jwpcdn.com/player/v/8.30.0/
103 KB
25 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/related.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
250553fd5318233a8fae063430ebde889cca2c4193d7b0e688b80578f9a98ba2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 varnish
age
3724966
x-cache
HIT
content-length
25137
x-served-by
cache-hkg17934-HKG
last-modified
Mon, 23 Oct 2023 15:56:31 GMT
server
AmazonS3
x-timer
S1701832865.729109,VS0,VE0
etag
"eef5502a106c89d71de48accd0ea2e74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
94198
N7dniXtO.m3u8
cdn.jwplayer.com/manifests/
0
0

a99qib5s-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/N7dniXtO/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-720.jpg
73 KB
70 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60d51b076550b4ccabccb895caa53d05b3fc837b80577bd022aee573efb2ace5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
592
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
71221
x-served-by
cache-iad-kcgs7200177-IAD, cache-hkg17934-HKG
last-modified
Thu, 08 Jun 2023 13:53:24 GMT
server
nginx
x-timer
S1701832865.786854,VS0,VE222
etag
"fac3ba9f07bc4dfd228a6d6e80e7714a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
172459, 1

Redirect headers

date
Wed, 06 Dec 2023 03:20:22 GMT
via
1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
age
42
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
UwEP4Wn-LHG3HMl9nBmEV98fX2Hw0G3Eto60LYxDTiQTUYaX9Hctwg==
a99qib5s-1280.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/N7dniXtO/poster.jpg?width=1280
  • https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-1280.jpg
184 KB
169 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-1280.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
678b7e15eb9de6ebcde7944fb03591d26312dc2e27fba935ce771c7b2b265a22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
318
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
172670
x-served-by
cache-iad-kiad7000087-IAD, cache-hkg17934-HKG
last-modified
Thu, 08 Jun 2023 13:53:25 GMT
server
nginx
x-timer
S1701832865.017281,VS0,VE237
etag
"957adc74e2f59512c20ef05c41b1365e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
73897, 1

Redirect headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/a99qib5s-1280.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
5qjyclHstfn0rSdRuIiik8LEmUqR6KzHvzZWDS8JyQmRTIa9NW5M0w==
ping.gif
prd.jwpltx.com/v1/jwplayer6/
0
202 B
Image
General
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1218981537&e=e&n=2461965482629329&abc=0&abt=128_sendDomainToFeedsOn&aid=AyDnpDc8EequjhbLYD__cQ&amp=0&ask=DmULPHgQ&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=rziwqsbcrvbd&i=0&id=q9Akigoq&lid=1vje3k6n84ol&lsa=read&mt=1&pbd=1&pbr=1&pgi=1vd7euc1mtc4&ph=1&pid=A9dOLzcW&pii=0&pl=411&plc=30&pli=172shg84wdzo&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Matador%20Transit30%202.0%20Packable%20Duffel%20Review%20%7C%20Pack%20Hacker&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&pv=8.30.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=ORTLIEB%20Atrack%20Metrosphere%20Review&tv=3.43.1&vb=0&vi=0&vl=90&wd=730&ab=1&cae=0&cb=0&cdid=zul2AaSz&cme=0&dd=1&fed=zul2AaSz&flc=1&fv=&ga=0&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2Fq9Akigoq.m3u8%3Fmax_resolution%3D1280&pbc=0&pd=2&pdr=&plng=en-US&plt=1700&pni=0&po=0&sp=0&st=570&sa=1701832864716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:c000:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P1
x-amz-cf-id
er93y-yq6Em-_biHWAyzQxY8XWUzP45vBik1yolgrJ2PUvIhePk1ig==
x-cache
Miss from cloudfront
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame B12D
751 KB
241 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
104060
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 22:26:44 GMT
expires
Tue, 03 Dec 2024 22:26:44 GMT
last-modified
Mon, 04 Dec 2023 15:54:30 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Dec 2023 03:21:04 GMT
q9Akigoq-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/q9Akigoq-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/q9Akigoq-120.vtt
5 KB
1 KB
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/q9Akigoq-120.vtt
Protocol
H2
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ea0c1ebfb58d8eaffdbff26055fc64c4177a4a1f97dd6004ef7947bea239022

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
310
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
957
x-served-by
cache-iad-kjyo7100119-IAD, cache-qpg1228-QPG
last-modified
Thu, 13 Apr 2023 08:43:17 GMT
server
nginx
x-timer
S1701832865.139229,VS0,VE244
etag
"3a7d429d56d36ca7918e3d03af648c4a"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
14292, 1

Redirect headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/q9Akigoq-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
U8R2yn4DJN3lPF_viLf3cSNExTmuHP8mHTe0BOv2PyxBlHlGXFKEUQ==
c9ncqh61-1280.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/q9Akigoq/poster.jpg?width=1280
  • https://assets-jpcust.jwpsrv.com/thumbnails/c9ncqh61-1280.jpg
280 KB
263 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/c9ncqh61-1280.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e0c6a562837328cd841d7cd3697b2d5b2262b4b2c10288732b4b6f1ea9758d9a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
308
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
268646
x-served-by
cache-iad-kjyo7100059-IAD, cache-hkg17934-HKG
last-modified
Thu, 13 Apr 2023 12:10:27 GMT
server
nginx
x-timer
S1701832865.018114,VS0,VE225
etag
"803374a9884c7d1f2f599e05dcad54f5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6, 0

Redirect headers

date
Wed, 06 Dec 2023 03:21:04 GMT
via
1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/c9ncqh61-1280.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
G9BdUUKjMdDbOIm5kXQk2wVLrozCuT58ORrctbHz633A_QAYjnchXA==
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C00E
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 06 Dec 2023 04:19:04 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 06 Dec 2023 03:21:04 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 06 Dec 2023 03:21:04 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 06 Dec 2023 03:21:04 GMT
server
ATS/9.1.10.94
cookie_sync
prebid-server.rubiconproject.com/
4 KB
1 KB
XHR
General
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
1029480afeb454e41b9dda46310031459139a88002496050508f4edaf911da9e

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
871
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
393 B
593 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c6a2aa23f6603c40864471994c70ea3cd3ef19cbb5cae88b0279507b692e4989

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
295
Expires
0
bid-request
a.teads.tv/hb/
16 B
614 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Dec 2023 03:21:04 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
550 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185770
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da91e2996489ec8881adad79a4752f6ed1e0dd7b5f3d4b92e4fd6f1f4622b49

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuSoboc%2Bi89AXMRNKBxrCyxEiIg8eDvY8n%2BkLXut4fDFswSdLsowTQqr%2BmbqkOYnzEOXZd9i9d9SFDA4wq8exQUGpiGDiwosew4zy%2BA%2BySiANnIZLdTDTx94SPbqiCH92xSQTziK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8311658d6ebd4020-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
krk2.kargo.com/api/v1/
2 B
466 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-43-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=51392229803&lsavail=1&bundle=6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
542 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tmax=2700&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.74.133 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-74-133.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
accept-ch
sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
24 B
366 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.54.176 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
176.54.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fa0af46a444925a72ec683af6696e118df01b05b4ea443f85db250ee87e89ab8

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Dec 2023 03:21:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebidjs
rtb.openx.net/openrtbb/
53 B
340 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8e7b8e684af6f31fee678372d462d19545650c6700e6f16876f2b606d45c0a13

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bidRequest
c2shb.ssp.yahoo.com/
62 B
114 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae21c6a7d880025&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&eidcriteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&eidpubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55&eidadserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eidneustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&secure=1&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
47c939e8ba93f036a2ce9c64641200090ed807b9d6341322c7925c31947e42b7

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/
62 B
505 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2046cd280081&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&eidcriteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&eidpubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55&eidadserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eidneustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&secure=1&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
83c40ccb11a783f4dc1df01cb8227b7de89dd18763277a4607f378cbdb8141b8

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/
62 B
113 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae2204408520056&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&eidcriteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&eidpubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55&eidadserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eidneustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&secure=1&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e7e3fed4ae2d9434bd9cdae2cf3f0f7394995d0a9ca84e236986c0e770ac467c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
80
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
947 B
981 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&p_pos=atf&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA%5E1&eid_pubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55%5E1&tpid_tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_adserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_neustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po%5E1&eid_flashtalking.com=3ab4e59ec3f84877bb77617c70066218%5E1&rf=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_v.iab=719&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.mcmp=BA_RDTR1%2Ciaba_719&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=80&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=0f6ac7a3-3340-4de3-b61d-cce39ce434b4&l_pb_bid_id=4829fb1ffbe9642&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8c79bf80-f93b-4bd2-8cfe-a1f2e90315b7&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.64839718895547
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b0ec22a65a7cd9b1000a3b65237394669b9af089c3e8b2b3c0f9250b037d5ef6

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
947
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
02d2d8c28fa50fe67e708e6300ff65169a1f25c204e6022455608da94bd4b282

Request headers

Referer
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
120 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
67374445830fbb1e824a654c7e4c10b29aff6daa205eb538c8e8753d7ff8b318

Request headers

Referer
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
9cc9ca8396a702a991a820c2b1afa7a8149468aff25984f5e6cdd066854be58e

Request headers

Referer
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/
139 B
703 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
59c70a11861a4fe80bf815bf63c5954b9000dde7ef42c78416c4451cdd4bf729
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
an-x-request-uuid
a247736b-2fc4-4de3-a08b-ae935ca4d0d9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
399 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
137 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.12 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:05 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701832864883&to=-480&aun=AdThrive_Footer_1_desktop&criteoId=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&pubcid=f2197854-45e8-4bc8-be5e-4683d1f7cb55&tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&fabrickId=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&ftrackId=3ab4e59ec3f84877bb77617c70066218&gpid=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&t=g95nznmj&pi=2&uspConsent=1YNY&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.5.0%22%7D&ogu=null&ns=10035
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.167.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-167-231.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31b84e5bf53d334df59468eb95f0860ffc417b5c6c20eaa15e24027b8a2fd127

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
2 B
329 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701832864884&to=-480&aun=AdThrive_Footer_1_desktop&criteoId=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&pubcid=f2197854-45e8-4bc8-be5e-4683d1f7cb55&tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&fabrickId=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&ftrackId=3ab4e59ec3f84877bb77617c70066218&gpid=%2F18190176%2FAdThrive_Footer_1%2F5e0fcd6517a8be5a76a36c71&t=klpfgzh&pi=2&uspConsent=1YNY&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.5.0%22%7D&ogu=null&ns=10035
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.167.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-167-231.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
prebid
exchange.postrelease.com/
0
392 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3JpdGVvLmNvbSIsInVpZHMiOlt7ImlkIjoiSnZwVDVWOVBjWGdsTWtJeU1rdEdjVEZHY0ZaWFZtTnJiVE5QUzJjeU0waDJXRkl5TUVsSWJWcGFSa1owTTI1elRYZEZjRU16ZHlVeVFtWktVbWwzUVhaVlVXOWhSRTl2VW1KQmFsRTRlaVV5Um5kWlIweFVaWHBsWkUwM1kyWjFaeVV6UkNVelJBIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJwdWJjaWQub3JnIiwidWlkcyI6W3siaWQiOiJmMjE5Nzg1NC00NWU4LTRiYzgtYmU1ZS00NjgzZDFmN2NiNTUiLCJhdHlwZSI6MX1dfSx7InNvdXJjZSI6ImFkc2VydmVyLm9yZyIsInVpZHMiOlt7ImlkIjoiNDM3NDUyZDEtYWFmZC00NDQ2LWExYjctZjY1YmIwMzg1YmI5IiwiYXR5cGUiOjEsImV4dCI6eyJydGlQYXJ0bmVyIjoiVERJRCJ9fV19LHsic291cmNlIjoibmV1c3Rhci5iaXoiLCJ1aWRzIjpbeyJpZCI6IkUxOmVOVDFOYmxiN29nSlhEMjhHcVZIQ3dxU0tMblpuUnd3MlBBSHQ3cUw4N1p6LWZvc0R2M29Fa1VBbnBZTFVkWDJobmhCTEhOU0t2Q3d6ZDh5MTVISDdLeUNucU92aGdvTWlmYmhtSV8zUTFJV0hRM0FyTVU0cVVrWWRsUTNDNnBvIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJmbGFzaHRhbGtpbmcuY29tIiwidWlkcyI6W3siaWQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsImF0eXBlIjoxLCJleHQiOnsiSEhJRCI6ImIyYjI2MjE3ODY4MTRlMTFhZWY4ZTc2YzgzNjllNjZmIiwiRGV2aWNlSUQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsIlNpbmdsZURldmljZUlEIjoiM2FiNGU1OWVjM2Y4NDg3N2JiNzc2MTdjNzAwNjYyMTgifX1dfV0=&us_privacy=1YNY&ntv_pbv=v8.5.0&ntv_pb_rid=68ce29c82f36ea4&ntv_ppc=W3siYWRVbml0Q29kZSI6IkFkVGhyaXZlX0Zvb3Rlcl8xX2Rlc2t0b3AiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s3MjgsOTBdLFszMjAsNTBdLFs5NzAsOTBdLFszMDAsNTBdLFszMjAsMTAwXSxbNDY4LDYwXSxbMSwxXV0sInBvcyI6MX19fV0=&ntv_dbr=eyJBZFRocml2ZV9Gb290ZXJfMV9kZXNrdG9wIjowfQ==&ntv_url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.254.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-254-37.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 06 Dec 2023 03:21:04 GMT
server
ATS/9.1.10.94
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 06 Dec 2023 03:21:04 GMT
server
ATS/9.1.10.94
auction
prebid-server.rubiconproject.com/openrtb2/
393 B
591 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
0d864c1e7978cc37ae4d7ece75871821510659f2f1a4d8ea5dabcb69ea66b2cc

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
293
Expires
0
bid-request
a.teads.tv/hb/
16 B
614 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Dec 2023 03:21:04 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
315 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185795
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b09a554597f0aaaddcf6085a3c1038d4efe58178262797bba0ccf4f1cc73c69

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=733vJKz46B01tfCa54BFOtnblQFVX2%2FHF%2B%2FjVeae8pa3Iw%2BxI4HNEVhES%2FBUBYZ6WARV6%2FXSLtGb06FyeV56G3WoiI%2BHbelTokfYQ1K84joFxA3RSCqPc7YLQz7NAxhNxgWIcUEh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8311658dbf484020-SIN
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
krk2.kargo.com/api/v1/
2 B
465 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-43-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
193 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=4026279454&lsavail=1&bundle=6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
541 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tmax=2700&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.74.133 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-74-133.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.54.176 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
176.54.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
63e0cbcf779f6e821048704e0e4114eb9acc4508b5dfba4a5d9a8ff3123b2609

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Dec 2023 03:21:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebidjs
rtb.openx.net/openrtbb/
53 B
220 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
90d463422e0471054884ff260806a04980a9bef2be414b0ecc3b0632e985fe8f

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bidRequest
c2shb.ssp.yahoo.com/
62 B
111 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2045ff6b0080&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&eidcriteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&eidpubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55&eidadserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eidneustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&secure=1&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
b89d1edf5ba44740b482bc38e87f09fee095492b84b2e090b6b9a241b64780e1

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/
62 B
113 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a96918c0177771bc6521c6b5f4e003f&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&eidcriteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&eidpubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55&eidadserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eidneustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&secure=1&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
393e72c2e8fa9241b4df79b80a5a95c22b461c52d6bb5ad5c11f9f824766f64e

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
80
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
946 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881478&size_id=15&alt_size_ids=14%2C43%2C44%2C48%2C117&p_pos=atf&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA%5E1&eid_pubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55%5E1&tpid_tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_adserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_neustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po%5E1&eid_flashtalking.com=3ab4e59ec3f84877bb77617c70066218%5E1&rf=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_v.iab=719&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.mcmp=BA_RDTR1%2Ciaba_719&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=70&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Sidebar_9%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=b9397e74-dd3d-40ba-b62f-cd03b8f790dc&l_pb_bid_id=1120c99b29d7dac7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b942f24e-abdf-400a-b953-a55d2bef0124&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Sidebar_9%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.39041999708225084
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a867e9fbe001835aadb596a02d8f2e87ac56bf845856a012be22e86d1f511b5a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
946
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
cbdc55635532ef65c56705045464dcf11c2cc28d86b980baf77e1d5481628bf6

Request headers

Referer
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
117 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
f2172615981c43e01c798717d98555e63347212812d1f9ae3394e8b3dedbceb5

Request headers

Referer
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/
140 B
704 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f2da8f3a69f111cf43dc0aa98f030f1c7dc9933ea736a88ca232fdf5d7333121
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
an-x-request-uuid
6f25a5dc-97a8-4863-8b98-474d64e96a46
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
399 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/
2 B
138 B
XHR
General
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.237.69.12 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:05 GMT
access-control-allow-credentials
true
server
openresty
content-length
2
content-type
application/json
hb
hb.undertone.com/
0
520 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=gfieldmoney.com&ccpa=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-85.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
-ojuAPzYFAy_qZz61hGHR4e-Zm3VPaHc8RvI4-Kz_zUwDkPq4jmAeQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 06 Dec 2023 03:21:04 GMT
server
ATS/9.1.10.94
auction
prebid-server.rubiconproject.com/openrtb2/
289 B
534 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a735aaf3e44579c6bc8296bcfcd4ea07d8c90d1d6c470c6f402920581c518b0a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
236
Expires
0
bid-request
a.teads.tv/hb/
16 B
614 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Dec 2023 03:21:05 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
523 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185761
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704eb7a77983841233527735535708aa94bb2173ab466e276b7cb54630a68762

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5qNPMws%2Fz5XGrTRF8ye4OnxilETOQFZgn3RBOp6hJJ3szzxCzjAM3EJFcCmf3zSpiEsKPg2rSCoNcfyA6Cgq%2FpRQieh3xKXc1rya%2FevqXGMZov3gVO3d%2FHpbMQJE3d5uk0eVMlw"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8311658dfba33f4a-SIN
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
krk2.kargo.com/api/v1/
2 B
465 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-43-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
193 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=52681921482&lsavail=1&bundle=6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
541 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tmax=2700&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.74.133 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-74-133.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
accept-ch
sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.54.176 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
176.54.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a0e963ee7ef39e9219f0c4d66ba7687e8cd11bde4259862e74a3facf2f4a8b9

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Dec 2023 03:21:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
640715bfe1cf1889d4596bd23bd71223cced6f44d898a083667af7ad57f77fd7

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bidRequest
c2shb.ssp.yahoo.com/
62 B
113 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a96918c0177771bc65220467ff60092&cmd=bid&sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&eidcriteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&eidpubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55&eidadserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eidneustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&secure=1&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
da522d11df985cb6337ae1daaf0b2faa3a42f331480b2317c81ecac7fc6bd190

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
80
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
929 B
963 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881398&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA%5E1&eid_pubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55%5E1&tpid_tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_adserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_neustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po%5E1&eid_flashtalking.com=3ab4e59ec3f84877bb77617c70066218%5E1&rf=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_v.iab=719&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.mcmp=BA_RDTR1%2Ciaba_719&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=d3ad24bd-2879-4892-8715-cb1f58c2ab8b&l_pb_bid_id=166135f9bde329d5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d88c9be1-190a-4079-849f-55b70ae61504&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.1840764876508285
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce1a179fbee6c392df0b03b01f246faee929c6e97787b186917e4fb0c602620f

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
929
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
113 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e33999413d635cd73264a68baab5f91bf77d6bc81f36e3787f7ba69572e35d26

Request headers

Referer
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
content-length
80
prebid
ib.adnxs.com/ut/v3/
140 B
703 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dd65b61e02a09a9fa4ce5868092aa3057c1efea8e0cd2b8dd15b6620e2d6e39b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
an-x-request-uuid
de7791b4-5845-495f-9cc8-1ae049dea97a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
399 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
hb
hb.undertone.com/
0
519 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=gfieldmoney.com&ccpa=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-85.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
IdxVEWdFd5F9hmz9eI29J1ZxIp0KRg9ApHYVVVEVyhTulP92SBjGLg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701832864964&to=-480&aun=AdThrive_Content_1_desktop&criteoId=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&pubcid=f2197854-45e8-4bc8-be5e-4683d1f7cb55&tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&fabrickId=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&ftrackId=3ab4e59ec3f84877bb77617c70066218&gpid=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&t=g95nznmj&pi=3&maxw=970&maxh=90&si=913891&bf=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60&uspConsent=1YNY&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.5.0%22%7D&ogu=null&ns=10035
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.167.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-167-231.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9bb72a7f8ed597c1e20b7242370d747af17827b6ee092d4e8e478c8f7f32d204

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
exchange.postrelease.com/
0
392 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3JpdGVvLmNvbSIsInVpZHMiOlt7ImlkIjoiSnZwVDVWOVBjWGdsTWtJeU1rdEdjVEZHY0ZaWFZtTnJiVE5QUzJjeU0waDJXRkl5TUVsSWJWcGFSa1owTTI1elRYZEZjRU16ZHlVeVFtWktVbWwzUVhaVlVXOWhSRTl2VW1KQmFsRTRlaVV5Um5kWlIweFVaWHBsWkUwM1kyWjFaeVV6UkNVelJBIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJwdWJjaWQub3JnIiwidWlkcyI6W3siaWQiOiJmMjE5Nzg1NC00NWU4LTRiYzgtYmU1ZS00NjgzZDFmN2NiNTUiLCJhdHlwZSI6MX1dfSx7InNvdXJjZSI6ImFkc2VydmVyLm9yZyIsInVpZHMiOlt7ImlkIjoiNDM3NDUyZDEtYWFmZC00NDQ2LWExYjctZjY1YmIwMzg1YmI5IiwiYXR5cGUiOjEsImV4dCI6eyJydGlQYXJ0bmVyIjoiVERJRCJ9fV19LHsic291cmNlIjoibmV1c3Rhci5iaXoiLCJ1aWRzIjpbeyJpZCI6IkUxOmVOVDFOYmxiN29nSlhEMjhHcVZIQ3dxU0tMblpuUnd3MlBBSHQ3cUw4N1p6LWZvc0R2M29Fa1VBbnBZTFVkWDJobmhCTEhOU0t2Q3d6ZDh5MTVISDdLeUNucU92aGdvTWlmYmhtSV8zUTFJV0hRM0FyTVU0cVVrWWRsUTNDNnBvIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJmbGFzaHRhbGtpbmcuY29tIiwidWlkcyI6W3siaWQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsImF0eXBlIjoxLCJleHQiOnsiSEhJRCI6ImIyYjI2MjE3ODY4MTRlMTFhZWY4ZTc2YzgzNjllNjZmIiwiRGV2aWNlSUQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsIlNpbmdsZURldmljZUlEIjoiM2FiNGU1OWVjM2Y4NDg3N2JiNzc2MTdjNzAwNjYyMTgifX1dfV0=&us_privacy=1YNY&ntv_pbv=v8.5.0&ntv_pb_rid=177b1678fcd68499&ntv_ppc=W3siYWRVbml0Q29kZSI6IkFkVGhyaXZlX0NvbnRlbnRfMV9kZXNrdG9wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbMzIwLDUwXSxbOTcwLDkwXSxbMzAwLDUwXSxbMzIwLDEwMF0sWzQ2OCw2MF1dfX19XQ==&ntv_dbr=eyJBZFRocml2ZV9Gb290ZXJfMV9kZXNrdG9wIjowLCJBZFRocml2ZV9Db250ZW50XzFfZGVza3RvcCI6MH0=&ntv_url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.254.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-254-37.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
277 B
527 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
664363d957b1c2ca0b27b7be854b406cd3638e85330f1cc4b3016c4984c937e1

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
229
Expires
0
bid-request
a.teads.tv/hb/
16 B
381 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Dec 2023 03:21:05 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
488 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185762
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd812cde3d6955684b4dc5132fbe09177716162f2f958b554a3c4ecac2c77676

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=554vNs45ZXQ%2BOVVDTSXPV7HtJYkUwhSONWAqPKvRM3KqC9Y8EvwYazC9%2B1etK4Nm77F4m21odjNO%2ByfksXqYI06XPGsdA%2FqD4U50ytT9296%2BS6reUcn262u7BZrgT65c46mPUULU"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8311658e2bcd3f4a-SIN
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
krk2.kargo.com/api/v1/
2 B
465 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-43-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
193 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=61474513110&lsavail=1&bundle=6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
541 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tmax=2700&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.74.133 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-74-133.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:04 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.54.176 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
176.54.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
085df9fc57e9242c6d5a230ecd67311dcd014c42906e5a2c2a1419d8cdc266e8

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Dec 2023 03:21:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
478f094a474dbbe83eecaa65c822b13519b20ba35375e3f71264b035919423c7

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
929 B
986 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881400&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA%5E1&eid_pubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55%5E1&tpid_tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_adserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_neustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po%5E1&eid_flashtalking.com=3ab4e59ec3f84877bb77617c70066218%5E1&rf=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_v.iab=719&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.mcmp=BA_RDTR1%2Ciaba_719&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=191d0866-f84f-4314-b5cc-710d2de51b0d&l_pb_bid_id=216aea4e656ecf4d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=037b7f73-5012-42ad-ae3f-29463dc1c1e9&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.5280718347689386
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1e6ff53e4e2e0416bc300be4c02e7c4c560b1d11118a23a19d880a7c5c70aa0e

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
929
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
703 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1da0bff00c0da6debe8540a166f0a25cb904d05a0d20541fc187f4ec2e74fe34
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
an-x-request-uuid
e787946a-66a9-4eea-a7d6-89e032e1c88a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
399 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
hb
hb.undertone.com/
0
518 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=gfieldmoney.com&ccpa=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-85.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
B31D3ebbbiQ_RBMuF1LZt8KXzonlPLXf7maP9bAaGRbt6cPyLwBDdQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/
2 KB
1 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701832864997&to=-480&aun=AdThrive_Content_2_desktop&criteoId=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA&pubcid=f2197854-45e8-4bc8-be5e-4683d1f7cb55&tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&fabrickId=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po&ftrackId=3ab4e59ec3f84877bb77617c70066218&gpid=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&t=g95nznmj&pi=3&maxw=970&maxh=90&si=913892&bf=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60&uspConsent=1YNY&schain=1.0%2C1!cafemedia.com%2C5e0fcd6517a8be5a76a36c71%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.5.0%22%7D&ogu=null&ns=10035
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.167.231 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-167-231.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77de9a9d39b58cc63bb6ceb9386e8031816b18a33ef947c03d19039b166d690d

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
exchange.postrelease.com/
0
392 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3JpdGVvLmNvbSIsInVpZHMiOlt7ImlkIjoiSnZwVDVWOVBjWGdsTWtJeU1rdEdjVEZHY0ZaWFZtTnJiVE5QUzJjeU0waDJXRkl5TUVsSWJWcGFSa1owTTI1elRYZEZjRU16ZHlVeVFtWktVbWwzUVhaVlVXOWhSRTl2VW1KQmFsRTRlaVV5Um5kWlIweFVaWHBsWkUwM1kyWjFaeVV6UkNVelJBIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJwdWJjaWQub3JnIiwidWlkcyI6W3siaWQiOiJmMjE5Nzg1NC00NWU4LTRiYzgtYmU1ZS00NjgzZDFmN2NiNTUiLCJhdHlwZSI6MX1dfSx7InNvdXJjZSI6ImFkc2VydmVyLm9yZyIsInVpZHMiOlt7ImlkIjoiNDM3NDUyZDEtYWFmZC00NDQ2LWExYjctZjY1YmIwMzg1YmI5IiwiYXR5cGUiOjEsImV4dCI6eyJydGlQYXJ0bmVyIjoiVERJRCJ9fV19LHsic291cmNlIjoibmV1c3Rhci5iaXoiLCJ1aWRzIjpbeyJpZCI6IkUxOmVOVDFOYmxiN29nSlhEMjhHcVZIQ3dxU0tMblpuUnd3MlBBSHQ3cUw4N1p6LWZvc0R2M29Fa1VBbnBZTFVkWDJobmhCTEhOU0t2Q3d6ZDh5MTVISDdLeUNucU92aGdvTWlmYmhtSV8zUTFJV0hRM0FyTVU0cVVrWWRsUTNDNnBvIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJmbGFzaHRhbGtpbmcuY29tIiwidWlkcyI6W3siaWQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsImF0eXBlIjoxLCJleHQiOnsiSEhJRCI6ImIyYjI2MjE3ODY4MTRlMTFhZWY4ZTc2YzgzNjllNjZmIiwiRGV2aWNlSUQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsIlNpbmdsZURldmljZUlEIjoiM2FiNGU1OWVjM2Y4NDg3N2JiNzc2MTdjNzAwNjYyMTgifX1dfV0=&us_privacy=1YNY&ntv_pbv=v8.5.0&ntv_pb_rid=225f5cd5a1ee0703&ntv_ppc=W3siYWRVbml0Q29kZSI6IkFkVGhyaXZlX0NvbnRlbnRfMl9kZXNrdG9wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbMzIwLDUwXSxbOTcwLDkwXSxbMzAwLDUwXSxbMzIwLDEwMF0sWzQ2OCw2MF1dfX19XQ==&ntv_dbr=eyJBZFRocml2ZV9Gb290ZXJfMV9kZXNrdG9wIjowLCJBZFRocml2ZV9Db250ZW50XzFfZGVza3RvcCI6MCwiQWRUaHJpdmVfQ29udGVudF8yX2Rlc2t0b3AiOjB9&ntv_url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.254.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-254-37.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
277 B
524 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
5771578403b08f8adb4964399c2e3bd6414129780d936c4b11dc182cec653fac

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
226
Expires
0
bid-request
a.teads.tv/hb/
16 B
381 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Dec 2023 03:21:05 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
483 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185763
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676c40b6075652f846a7b4f57a32bf259f739ed5f8e176b9767fdad05240c099

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F31mBRNou88lMT5FpOkcSLlj3ngywd9C6Jff59ypznQZ3ey2bKN6yfCasjH1jlIiE60yImSdtEdCpYntOAgRBHExEd5CFAzwZ7MQu8qr%2BcmCw4sqMIwsUjwouAaBpiYRilUFELP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8311658e6bff3f4a-SIN
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
krk2.kargo.com/api/v1/
2 B
465 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-43-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
193 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=14281921097&lsavail=1&bundle=6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
541 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tmax=2700&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.74.133 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-74-133.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.54.176 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
176.54.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3648d3f9bc82c05cf48b1569af85b72bf60166646c5bf5c3b411232ee6e9bf08

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Dec 2023 03:21:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c5bcea981f597929ce16f9c575b03c6ea0ec002ffd39c7dee4898c4d1c42e1a4

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
929 B
963 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881402&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA%5E1&eid_pubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55%5E1&tpid_tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_adserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_neustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po%5E1&eid_flashtalking.com=3ab4e59ec3f84877bb77617c70066218%5E1&rf=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_v.iab=719&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.mcmp=BA_RDTR1%2Ciaba_719&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=ecf78261-13a6-4fc6-b105-ba0812e3b9c6&l_pb_bid_id=262a9bf99b1765b2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=98e8020e-c456-4c9f-a11d-4411592189e4&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.27570989342863084
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ca20429ea15c6e2ddd64e6ca8d30ad91bfa8adc5904e80b812d08b6acc0a4336

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
929
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
703 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71d8723f7a445651f4f6aabd2ad625535b0b419a9be09ab777f9957d86f0ad4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
an-x-request-uuid
e79298f7-35d8-4f10-9953-0d2865c2e67e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
399 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
hb
hb.undertone.com/
0
518 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=gfieldmoney.com&ccpa=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-85.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
DTvisGYPSBAR03FlCVmSz5gr_z0dFbgHoYjN4Q4uvex35BKxiSBQdg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
exchange.postrelease.com/
0
393 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?ntv_pb_eid=W3sic291cmNlIjoiY3JpdGVvLmNvbSIsInVpZHMiOlt7ImlkIjoiSnZwVDVWOVBjWGdsTWtJeU1rdEdjVEZHY0ZaWFZtTnJiVE5QUzJjeU0waDJXRkl5TUVsSWJWcGFSa1owTTI1elRYZEZjRU16ZHlVeVFtWktVbWwzUVhaVlVXOWhSRTl2VW1KQmFsRTRlaVV5Um5kWlIweFVaWHBsWkUwM1kyWjFaeVV6UkNVelJBIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJwdWJjaWQub3JnIiwidWlkcyI6W3siaWQiOiJmMjE5Nzg1NC00NWU4LTRiYzgtYmU1ZS00NjgzZDFmN2NiNTUiLCJhdHlwZSI6MX1dfSx7InNvdXJjZSI6ImFkc2VydmVyLm9yZyIsInVpZHMiOlt7ImlkIjoiNDM3NDUyZDEtYWFmZC00NDQ2LWExYjctZjY1YmIwMzg1YmI5IiwiYXR5cGUiOjEsImV4dCI6eyJydGlQYXJ0bmVyIjoiVERJRCJ9fV19LHsic291cmNlIjoibmV1c3Rhci5iaXoiLCJ1aWRzIjpbeyJpZCI6IkUxOmVOVDFOYmxiN29nSlhEMjhHcVZIQ3dxU0tMblpuUnd3MlBBSHQ3cUw4N1p6LWZvc0R2M29Fa1VBbnBZTFVkWDJobmhCTEhOU0t2Q3d6ZDh5MTVISDdLeUNucU92aGdvTWlmYmhtSV8zUTFJV0hRM0FyTVU0cVVrWWRsUTNDNnBvIiwiYXR5cGUiOjF9XX0seyJzb3VyY2UiOiJmbGFzaHRhbGtpbmcuY29tIiwidWlkcyI6W3siaWQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsImF0eXBlIjoxLCJleHQiOnsiSEhJRCI6ImIyYjI2MjE3ODY4MTRlMTFhZWY4ZTc2YzgzNjllNjZmIiwiRGV2aWNlSUQiOiIzYWI0ZTU5ZWMzZjg0ODc3YmI3NzYxN2M3MDA2NjIxOCIsIlNpbmdsZURldmljZUlEIjoiM2FiNGU1OWVjM2Y4NDg3N2JiNzc2MTdjNzAwNjYyMTgifX1dfV0=&us_privacy=1YNY&ntv_pbv=v8.5.0&ntv_pb_rid=269111c780bd2265&ntv_ppc=W3siYWRVbml0Q29kZSI6IkFkVGhyaXZlX0NvbnRlbnRfM19kZXNrdG9wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbMzIwLDUwXSxbOTcwLDkwXSxbMzAwLDUwXSxbMzIwLDEwMF0sWzQ2OCw2MF1dfX19XQ==&ntv_dbr=eyJBZFRocml2ZV9Gb290ZXJfMV9kZXNrdG9wIjowLCJBZFRocml2ZV9Db250ZW50XzFfZGVza3RvcCI6MCwiQWRUaHJpdmVfQ29udGVudF8yX2Rlc2t0b3AiOjAsIkFkVGhyaXZlX0NvbnRlbnRfM19kZXNrdG9wIjowfQ==&ntv_url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.254.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-254-37.us-west-2.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
279 B
526 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e80da6d6b9bd1163e3e50cd87e3f06efa34e3c015c68f391aba7d671837a1c30

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.4.0
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
228
Expires
0
bid-request
a.teads.tv/hb/
16 B
381 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.137 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 06 Dec 2023 03:21:05 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
484 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185764
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ca51f5a3fc9a56f254dab3e04bc654f2ee8d27d44e68f018bdd39448991264

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5isWJLmGYtjjdvt7D06oexeed0KMDZu5WQjo2po6fR4KC6H4TDjmUkcApx32ZfVQLmKt%2BUUKnqsQtXFWQ78PgZnyZryKjgogeBeo%2Fzwoe1eeM%2BU1F%2FQsmp94k2OXkVnCieQeLsS3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8311658e9c273f4a-SIN
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
krk2.kargo.com/api/v1/
2 B
465 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-43-115.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/
0
193 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=67853066566&lsavail=1&bundle=6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
541 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tmax=2700&us_privacy=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.77.74.133 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-74-133.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.54.176 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
176.54.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2005ce48e77f463a0bb7e662fe7d62685640add0ecffc2dd99dc3e89cf704de9

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 06 Dec 2023 03:21:05 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e1e2beb7236f0b3a60cf12a87daf466ddf2d9b6fe9e091aa6d801b09b2567e8a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
929 B
963 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881404&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117&us_privacy=1YNY&rp_schain=1.0,1!cafemedia.com,5e0fcd6517a8be5a76a36c71,1,,,&eid_criteo.com=JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA%5E1&eid_pubcid.org=f2197854-45e8-4bc8-be5e-4683d1f7cb55%5E1&tpid_tdid=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_adserver.org=437452d1-aafd-4446-a1b7-f65bb0385bb9&eid_neustar.biz=E1%3AeNT1Nblb7ogJXD28GqVHCwqSKLnZnRww2PAHt7qL87Zz-fosDv3oEkUAnpYLUdX2hnhBLHNSKvCwzd8y15HH7KyCnqOvhgoMifbhmI_3Q1IWHQ3ArMU4qUkYdlQ3C6po%5E1&eid_flashtalking.com=3ab4e59ec3f84877bb77617c70066218%5E1&rf=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_v.iab=719&tg_i.domain=gfieldmoney.com&tg_i.page=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&tg_i.cat=IAB20&tg_i.pagecat=IAB20&tg_i.privacypolicy=1&tg_i.mobile=1&tg_i.site_code=AFOI_2020%2CATZN_2020%2CEXFP_2020%2CEXHFCE_2021%2CGLDM_2021%2CGLU_2023%2CHUSA_2023%2CLBM_LS_2020%2CMIQWO_2022%2CMRLOI_22%2CNSTLE_22%2CREI_2021%2CSCPE_2023%2CTGNAF_21%2CTRGT_022020%2CTRVL_2021%2CTYS_062019%2CVITFM_21&tg_i.sens=alc%2Cast%2Ccbd%2Cdat%2Cgamv%2Cpol%2Cssr%2Csrh%2Cwtl&tg_i.site_id=5e0fcd6517a8be5a76a36c71&tg_i.verticals=Travel&tg_i.pmp_elig=true&tg_i.mcmp=BA_RDTR1%2Ciaba_719&tg_i.refresh=false&tg_i.vp=0&tg_i.hvp=0&tg_i.pbadslot=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&tk_flint=pbjs_lite_v8.5.0&x_source.tid=c4e7a140-b45a-45d8-8e8d-db7b047c646a&l_pb_bid_id=30648f47ff75c3b8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ee5b262f-a6e8-4aa9-bcc3-d0402af88877&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Content%2F5e0fcd6517a8be5a76a36c71&slots=1&rand=0.042631211752878206
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
02ff714dafb70ab644fd3fd1c49aecda9cd2ecf5f4d9e99740ff34be90901a3d

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
929
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
703 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
43bf13402588a97fbb5d13ee4f05ac0c82280f00024f74fce7ac8724e38fba36
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
an-x-request-uuid
9844b199-8be9-4a00-b77b-d8a32390ff57
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cafemedia
direct.adsrvr.org/bid/bidder/
0
399 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.196.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae69789f15ba8a942.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:04 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://gfieldmoney.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
hb
hb.undertone.com/
0
518 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2002&domain=gfieldmoney.com&ccpa=1YNY
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-85.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 a9cfec72cfc71c81978b7bbf79189fdc.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN52-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://gfieldmoney.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
xrSex3_4xdwpLxFPojx_svRifoWzOnSo_u16xPJGxFcGsK8vZt1X9A==
expires
Mon, 26 Jul 1997 05:00:00 GMT
N7dniXtO-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/N7dniXtO-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.jpg
164 KB
164 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
88bdba7f36eba9605d091d1e45a4b69ff69c1b7fbd19e59ce42855c237fcea5d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
336
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
167269
x-served-by
cache-iad-kjyo7100070-IAD, cache-hkg17934-HKG
last-modified
Thu, 08 Jun 2023 13:22:05 GMT
server
nginx
x-timer
S1701832865.400034,VS0,VE216
etag
"bb72fcedf805b0dfd954594718cd797c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
70014, 1

Redirect headers

date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/N7dniXtO-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
9p9ysFCMSeesr-Q91tbVMSXM8PqIgmPLv_3_YflBxuXUa-T_qaczJQ==
v1
lb.eu-1-id5-sync.com/lb/
33 B
275 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
b8f631c12cc96a5f789385579237b16e70a27b6690f7c18acdd3198dec828591
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
t6k3kmre-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/fkLe1nvh/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/t6k3kmre-120.jpg
5 KB
5 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/t6k3kmre-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05289e87130442fbbaf648499845582981d1e63acc191679803ed407d1ae9257

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
178
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
4883
x-served-by
cache-iad-kcgs7200092-IAD, cache-hkg17934-HKG
last-modified
Fri, 09 Sep 2022 19:24:33 GMT
server
nginx
x-timer
S1701832866.049398,VS0,VE219
etag
"06168dbc06815db3c159d342faaeb0fe"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
4644, 0

Redirect headers

date
Wed, 06 Dec 2023 03:21:05 GMT
via
1.1 cc2beda7b70d44b6ed40dda2c22f45e4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
SIN52-C3
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/t6k3kmre-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
QPq9PRtoMgt4QRVlSA1VFqfu9pjCjv9bDH6gObGcWb8MQ7ffA0r-pQ==
v3
id5-sync.com/gm/
765 B
1 KB
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7660393a61cfc061df4080ba777c65d51fde7fb5a58f8c537b36a1cfc49ba6b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
auction_end
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.89.54.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-89-54-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gfieldmoney.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://gfieldmoney.com
access-control-max-age
86400
date
Wed, 06 Dec 2023 03:21:06 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction_end
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/
60 B
219 B
Fetch
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/auction_end
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.89.54.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-89-54-138.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
38a219bf88a26b001555e6e09f53d7a457c9b99696cc8c86020358bb3786a75a

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://gfieldmoney.com
date
Wed, 06 Dec 2023 03:21:06 GMT
access-control-allow-credentials
true
content-length
60
vary
Origin
content-type
application/json; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/
764 B
430 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725351638077738&correlator=3538000293334254&eid=31078987%2C31079946%2C44807689%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&iu_parts=18190176%3A22575277881%2CAdThrive_Content_1%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60&fluid=height&ifi=1&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1701832866163&adxs=245&adys=4647&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&vis=1&psz=730x350&msz=730x300&fws=4&ohw=730&ga_vid=1019424960.1701832866&ga_sid=1701832866&ga_hid=167053836&ga_fc=false&a3p=Eo4DCggxODE5MDE3NhL4AmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU5ETTNORFV5WkRFdFlXRm1aQzAwTkRRMkxXRXhZamN0WmpZMVltSXdNemcxWW1JNUlpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJJa0pCWDFKRVZGSXhJaXdpYVdGaVlWODNNVGtpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZTeDdJbk52ZFhKalpTSTZJbk5sYm5NaUxDSmtZWFJoSWpwYkltRnNZeUlzSW1GemRDSXNJbU5pWkNJc0ltUmhkQ0lzSW1kaGJYWWlMQ0p3YjJ3aUxDSnpjM0lpTENKemNtZ2lMQ0p6YTJVaUxDSjNkR3dpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZWMTkY9OOS6cMxSAE.&dlt=1701832861444&idt=2666&ppid=f219785445e84bc8be5e4683d1f7cb55&prev_scp=location%3DContent%26sequence%3D1%26id%3DAdThrive_Content_1_desktop%26ATF%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253Ad88c9be1-190a-4079-849f-55b70ae61504%2Cidp%253Ashl%2Cidp%253Auid1%2Cidp%253Amrk%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cidp%253Amgncrbn%2Cfv%253Af%2Chbf%253A0.00%2Coseq%253A1%26hb_bidder%3DnoBid&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A54%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.47.0%252Crf%253A0%252Cppid%253Ano_id5StorageAvail_sharedIdSent%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A4%254025%252Cflrml1%253Acm%254010%252Cfto%253A4%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253A33across%254025%252Chbho%253Aconcert%25405%252Chbho%253Aresetdigital%254090%252Coptd%253Aoff%2540100%252Cidho%253AFTrackId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253A20s%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2700%254015%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A6s%25405%252Cvasttoisv%253A15s%254060%252Cvasttoosv%253A5s%254060%252Cproto%253Aall%254055%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A15%254060%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253A5.10%254010%252Cdcsllm_ss%253Aundefined%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A300%254025%252Ccsync_lim%253A0%254025%252Crpbs%253Aoff%254090%252Crmos1%253Aoff%254099%252Csocon%253A1%254033%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aoff%25401%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A2100%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aon%254025%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Cmgtdtw%253A0%254080%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D112%26st%3D195%26rsi%3D113%26pvk%3D01HGYJ9C2S3Q99MGV4DS2PTBNT%26sess%3D01HGYJ9C2S8FZW2KY5GRZM37PC%26branch%3D19998d0%26deployment%3Dstable%26hbho%3D33across%252Cconcert%252Cresetdigital%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Cst%252Csb%252Csv%252Ctl%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311300101%26gpid%3Dgpid%2520unavailable%26id_region%3Do%26sens_off%3Dske%26connection%3Dniet%253A4g%252Cdl%253A9.8%26ccpaOptOut%3D0%26fpv%3D1%26mcmp%3DBA_RDTR1%252Ciaba_719%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=4014976676&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8038868c565e292ee335212394e5ebd72b46936eb995f73cad4d165228edce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311300101&st=env
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71f5227b097775d2642b83c811110311ce817ae436c3f01577c9a2d346ef5abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12061
x-xss-protection
0
container.html
f0ce2fb8d209ce1e41c989fc9eefb626.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B94
6 KB
3 KB
Document
General
Full URL
https://f0ce2fb8d209ce1e41c989fc9eefb626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 03:21:06 GMT
expires
Thu, 05 Dec 2024 03:21:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie
cm.adform.net/
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
server
nginx
content-length
43
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/
580 B
317 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725351638077738&correlator=2064465713060671&eid=31078987%2C31079946%2C44807689%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&iu_parts=18190176%3A22575277881%2CAdThrive_Content_3%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60&fluid=height&ifi=2&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1701832866205&adxs=245&adys=8104&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&vis=1&psz=730x350&msz=730x300&fws=4&ohw=730&ga_vid=1019424960.1701832866&ga_sid=1701832866&ga_hid=167053836&ga_fc=false&a3p=Eo4DCggxODE5MDE3NhL4AmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU5ETTNORFV5WkRFdFlXRm1aQzAwTkRRMkxXRXhZamN0WmpZMVltSXdNemcxWW1JNUlpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJJa0pCWDFKRVZGSXhJaXdpYVdGaVlWODNNVGtpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZTeDdJbk52ZFhKalpTSTZJbk5sYm5NaUxDSmtZWFJoSWpwYkltRnNZeUlzSW1GemRDSXNJbU5pWkNJc0ltUmhkQ0lzSW1kaGJYWWlMQ0p3YjJ3aUxDSnpjM0lpTENKemNtZ2lMQ0p6YTJVaUxDSjNkR3dpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZWMTkY9OOS6cMxSAE.&dlt=1701832861444&idt=2666&ppid=f219785445e84bc8be5e4683d1f7cb55&prev_scp=location%3DContent%26sequence%3D3%26id%3DAdThrive_Content_3_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253A98e8020e-c456-4c9f-a11d-4411592189e4%2Cidp%253Ashl%2Cidp%253Auid1%2Cidp%253Amrk%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cidp%253Amgncrbn%2Cfv%253Af%2Chbf%253A0.00%2Coseq%253A3%26hb_bidder%3DnoBid&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A54%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.47.0%252Crf%253A0%252Cppid%253Ano_id5StorageAvail_sharedIdSent%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A4%254025%252Cflrml1%253Acm%254010%252Cfto%253A4%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253A33across%254025%252Chbho%253Aconcert%25405%252Chbho%253Aresetdigital%254090%252Coptd%253Aoff%2540100%252Cidho%253AFTrackId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253A20s%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2700%254015%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A6s%25405%252Cvasttoisv%253A15s%254060%252Cvasttoosv%253A5s%254060%252Cproto%253Aall%254055%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A15%254060%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253A5.10%254010%252Cdcsllm_ss%253Aundefined%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A300%254025%252Ccsync_lim%253A0%254025%252Crpbs%253Aoff%254090%252Crmos1%253Aoff%254099%252Csocon%253A1%254033%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aoff%25401%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A2100%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aon%254025%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Cmgtdtw%253A0%254080%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D112%26st%3D195%26rsi%3D113%26pvk%3D01HGYJ9C2S3Q99MGV4DS2PTBNT%26sess%3D01HGYJ9C2S8FZW2KY5GRZM37PC%26branch%3D19998d0%26deployment%3Dstable%26hbho%3D33across%252Cconcert%252Cresetdigital%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Cst%252Csb%252Csv%252Ctl%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311300101%26gpid%3Dgpid%2520unavailable%26id_region%3Do%26sens_off%3Dske%26connection%3Dniet%253A4g%252Cdl%253A9.8%26ccpaOptOut%3D0%26fpv%3D1%26mcmp%3DBA_RDTR1%252Ciaba_719%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=4028057072&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5597301ef30fe404e854d0d2ac0e56bf7f285402219e9a6425c9cff47a313c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
580 B
320 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725351638077738&correlator=1428143418273389&eid=31078987%2C31079946%2C44807689%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&iu_parts=18190176%3A22575277881%2CAdThrive_Content_2%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60&fluid=height&ifi=3&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1701832866247&adxs=245&adys=6333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&vis=1&psz=730x350&msz=730x300&fws=4&ohw=730&ga_vid=1019424960.1701832866&ga_sid=1701832866&ga_hid=167053836&ga_fc=false&a3p=Eo4DCggxODE5MDE3NhL4AmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU5ETTNORFV5WkRFdFlXRm1aQzAwTkRRMkxXRXhZamN0WmpZMVltSXdNemcxWW1JNUlpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJJa0pCWDFKRVZGSXhJaXdpYVdGaVlWODNNVGtpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZTeDdJbk52ZFhKalpTSTZJbk5sYm5NaUxDSmtZWFJoSWpwYkltRnNZeUlzSW1GemRDSXNJbU5pWkNJc0ltUmhkQ0lzSW1kaGJYWWlMQ0p3YjJ3aUxDSnpjM0lpTENKemNtZ2lMQ0p6YTJVaUxDSjNkR3dpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZWMTkY9OOS6cMxSAE.&dlt=1701832861444&idt=2666&ppid=f219785445e84bc8be5e4683d1f7cb55&prev_scp=location%3DContent%26sequence%3D2%26id%3DAdThrive_Content_2_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253A037b7f73-5012-42ad-ae3f-29463dc1c1e9%2Cidp%253Ashl%2Cidp%253Auid1%2Cidp%253Amrk%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cidp%253Amgncrbn%2Cfv%253Af%2Chbf%253A0.00%2Coseq%253A2%26hb_bidder%3DnoBid&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A54%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.47.0%252Crf%253A0%252Cppid%253Ano_id5StorageAvail_sharedIdSent%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A4%254025%252Cflrml1%253Acm%254010%252Cfto%253A4%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253A33across%254025%252Chbho%253Aconcert%25405%252Chbho%253Aresetdigital%254090%252Coptd%253Aoff%2540100%252Cidho%253AFTrackId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253A20s%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2700%254015%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A6s%25405%252Cvasttoisv%253A15s%254060%252Cvasttoosv%253A5s%254060%252Cproto%253Aall%254055%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A15%254060%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253A5.10%254010%252Cdcsllm_ss%253Aundefined%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A300%254025%252Ccsync_lim%253A0%254025%252Crpbs%253Aoff%254090%252Crmos1%253Aoff%254099%252Csocon%253A1%254033%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aoff%25401%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A2100%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aon%254025%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Cmgtdtw%253A0%254080%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D112%26st%3D195%26rsi%3D113%26pvk%3D01HGYJ9C2S3Q99MGV4DS2PTBNT%26sess%3D01HGYJ9C2S8FZW2KY5GRZM37PC%26branch%3D19998d0%26deployment%3Dstable%26hbho%3D33across%252Cconcert%252Cresetdigital%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Cst%252Csb%252Csv%252Ctl%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311300101%26gpid%3Dgpid%2520unavailable%26id_region%3Do%26sens_off%3Dske%26connection%3Dniet%253A4g%252Cdl%253A9.8%26ccpaOptOut%3D0%26fpv%3D1%26mcmp%3DBA_RDTR1%252Ciaba_719%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=343246051&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5bb3a834e81198409e09d47991a1d4b1abcba10752347bc8d70a1f07ae00b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 03:21:06 GMT
ads
securepubads.g.doubleclick.net/gampad/
336 B
179 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725351638077738&correlator=2139314858118718&eid=31078987%2C31079946%2C44807689%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&iu_parts=18190176%3A22575277881%2CAdThrive_Content_4%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60&fluid=height&ifi=4&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie=ID%3De173ac14c899bdc6%3AT%3D1701832866%3ART%3D1701832866%3AS%3DALNI_MZI7YvOUr0F6wNuGdm9aZI56Aj3PQ&gpic=UID%3D00000ca5b6215a0a%3AT%3D1701832866%3ART%3D1701832866%3AS%3DALNI_Mauup8ANKT6yaPDU8OiqE0O9CG9GQ&abxe=1&dt=1701832866295&adxs=245&adys=9135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&vis=1&psz=730x350&msz=730x300&fws=4&ohw=730&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1019424960.1701832866&ga_sid=1701832866&ga_hid=167053836&ga_fc=false&a3p=Eo4DCggxODE5MDE3NhL4AmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU5ETTNORFV5WkRFdFlXRm1aQzAwTkRRMkxXRXhZamN0WmpZMVltSXdNemcxWW1JNUlpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJJa0pCWDFKRVZGSXhJaXdpYVdGaVlWODNNVGtpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZTeDdJbk52ZFhKalpTSTZJbk5sYm5NaUxDSmtZWFJoSWpwYkltRnNZeUlzSW1GemRDSXNJbU5pWkNJc0ltUmhkQ0lzSW1kaGJYWWlMQ0p3YjJ3aUxDSnpjM0lpTENKemNtZ2lMQ0p6YTJVaUxDSjNkR3dpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZWMTkY9OOS6cMxSAE.&dlt=1701832861444&idt=2666&ppid=f219785445e84bc8be5e4683d1f7cb55&prev_scp=location%3DContent%26sequence%3D4%26id%3DAdThrive_Content_4_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253Aee5b262f-a6e8-4aa9-bcc3-d0402af88877%2Cidp%253Ashl%2Cidp%253Auid1%2Cidp%253Amrk%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cidp%253Amgncrbn%2Cfv%253Af%2Chbf%253A0.00%2Coseq%253A4%26hb_bidder%3DnoBid&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A54%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.47.0%252Crf%253A0%252Cppid%253Ano_id5StorageAvail_sharedIdSent%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A4%254025%252Cflrml1%253Acm%254010%252Cfto%253A4%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253A33across%254025%252Chbho%253Aconcert%25405%252Chbho%253Aresetdigital%254090%252Coptd%253Aoff%2540100%252Cidho%253AFTrackId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253A20s%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2700%254015%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A6s%25405%252Cvasttoisv%253A15s%254060%252Cvasttoosv%253A5s%254060%252Cproto%253Aall%254055%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A15%254060%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253A5.10%254010%252Cdcsllm_ss%253Aundefined%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A300%254025%252Ccsync_lim%253A0%254025%252Crpbs%253Aoff%254090%252Crmos1%253Aoff%254099%252Csocon%253A1%254033%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aoff%25401%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A2100%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aon%254025%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Cmgtdtw%253A0%254080%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D112%26st%3D195%26rsi%3D113%26pvk%3D01HGYJ9C2S3Q99MGV4DS2PTBNT%26sess%3D01HGYJ9C2S8FZW2KY5GRZM37PC%26branch%3D19998d0%26deployment%3Dstable%26hbho%3D33across%252Cconcert%252Cresetdigital%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Cst%252Csb%252Csv%252Ctl%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311300101%26gpid%3Dgpid%2520unavailable%26id_region%3Do%26sens_off%3Dske%26connection%3Dniet%253A4g%252Cdl%253A9.8%26ccpaOptOut%3D0%26fpv%3D1%26mcmp%3DBA_RDTR1%252Ciaba_719%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=3777390504&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f492e9d27d6de9211c255bb98e7a67e76bbce5556993058e81deb913e7517f4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 158D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
67322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 08:39:04 GMT
expires
Wed, 04 Dec 2024 08:39:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5338
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::68 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
363a342bafab5da8d1ee09ea89b73a83e2740a3af5bd8d3b46014b0f6a484f36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FrOyeMvpiEEE7TQHlvp1kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FrOyeMvpiEEE7TQHlvp1kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 03:21:06 GMT
expires
Wed, 06 Dec 2023 03:21:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 158D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
67322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 08:39:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5338
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311300101&jk=3725351638077738&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 158D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LipBkA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
8.gif
id5-sync.com/c/367/821/1/
Redirect Chain
  • https://id5-sync.com/i/367/8.gif?id5id=ID5*uZPYG95BxbOthVpK5fSR0N1mtlCDxA7YGkBBIDESDtpzHG36rMSuOxPInYS2zLJJcx3vq2zBUtXagUapOKCpiA&o=api&gdpr_consent=undefined&gdpr=false
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/367/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F367%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/367/2/6/3.gif?puid=4625678882631691475&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F123%2F5%2F4.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F123%2F5%2F4.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/367/123/5/4.gif?puid=18c3d24bd63-5529000001085eb7&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LPT7CI83-28-CAV0&gdpr=0
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=714caaa269c421d3&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AAAMBFIjQpowwwMTZQEiAAAAAAA&expiration=1701919268&is_secure=true&gdpr_consent=&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F826%2F2%2F7.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F826%2F2%2F7.gif%3Fpuid...
  • https://id5-sync.com/c/367/826/2/7.gif?puid=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F367%2F821%2F1%2F8.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/367/821/1/8.gif?puid=4d7de81e-1aec-4868-b362-e804e2838037&gdpr=0&gdpr_consent=
0
0

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311300101&jk=3725351638077738&bg=!09Cl0J_NAAY3kmNgF5I7ADQBe5WfOGq9tI-gkKXfTx2TNctkMWp5sQkuIKDjbgZ_aNZpJOXfdSj-NcVGLzh4sAQOD7XYAgAAAFZSAAAABWgBBwoApJAJdhIq0CK6tldj0HCN3yTqfNpAY6WwfQfRxHgS_f31bU5gIKBYu6Ul1kIO3vfKOlEiGV_ae_emDlVukaMZpl0Yr8zG7RHJarNxGsh4D1-i0RWIITbQVTgNoviVs_jg8eSV_m0kkkTMPF2cObI60LykwN2Ki05M_gfuyrXOyOgq8gIA29_y4IxdDrt2FaKKnp3A5WXVAxDVXUJrPhPH4JbX3jWtmQK4hi1Dl-kTR_WQjJPnqlZIl0Hwa3WGPuopnwpCvJcgIBxG3YUv4uEHeMocnEJDv1O0xzKiOXvWTn7yn4DnEXcwgEY-Wg1K4yOVa_5bPbdhY7gwFYb5D6Q7jibR_1_yBZ-BrVyyAiGRTwijZ15HHFNzCMd7Sh9mre8NXAn9mc-VB6dZ1XalCkuZjtn5WNrRBqIf-Pve5GeYX6pjBpoKM0Up2-QtzPJGnoOQg24P30JBatCXb9jVSBxKLFVZiSZvnJdarUcpNw4n-lmdU0VDl_HRlNvT1_l60bntNkBocp23TEEfxfiMwhACe8OLorKFU0LiFHZEHQi6pIdLQqrCe68llyqtaJaC2HFqUcDACvZvpbkbwJf6u3UpCYZdXGOmsvylaKiON7kTasHfdxH1oEyTjla8jEbzJGYGsAzjy2I-zHPgnTBrGZwFcdj0ghv1wQLfkVdRYnn1_CR90W32_0VA5hheopYce0ui9iiqM_oP8B63oTCmDF88U18_XKhriOm2FUbzDZNdo_UIIrr5GVaBgUtTL5oUTuOu3gMUURyJbHNmpCgrBMMqhg7rnre7bOBHsKG-n8iD5BmZpbOF8dq1IiEeGZGi4qrlywpk0DZkUdVLMDlTYC1EvCRThoYGNblcg-K2WY0cHSLRdlRgu0XBsrAJfa2Bqsa1-kbfIRNaC-s-fM0fHj6MLqyqKyuKRmoJt92nF0jf5mQiHo_leL6H6NhAOiD9nH8hEp0CaOJQJTGSJMAZxwALH9hK_m3FdOI6TJu5W-h8u0FiV86_Ht1x4bUb45NHaNqz2bP_cBgYBKrQ_BsLhbO3JeoZNhLKxDLuYXp9lUYFsP7qPRXYJVWT-uyY74AGaNob-Q2qGZOEhRI634KRAATF7bRpeatNIYJEbXr-lFCH5j0lkbWoCfFJfJiPjmgWkYRT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0ABC
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=21868
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 06 Dec 2023 03:21:07 GMT
expires
Wed, 06 Dec 2023 09:25:35 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame B055
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbid...
709 B
756 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
412e9746fd880b602a748573673538253e68f29103764e3166ee211dea4d4920

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
431
content-type
text/html
date
Wed, 06 Dec 2023 03:21:07 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 06 Dec 2023 03:21:07 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
setuid
prebid-server.rubiconproject.com/ Frame B055
0
560 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=87f76120-39f9-000a-1f12-a9d7c82327bc
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame B055
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7030539413985883288&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7030539413985883288&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7030539413985883288&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame B055
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=be29eeef-8066-33e3-749e-69c24978e531&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=be29eeef-8066-33e3-749e-69c24978e531&gdpr=0&gdpr_consent=
43 B
314 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=be29eeef-8066-33e3-749e-69c24978e531&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=be29eeef-8066-33e3-749e-69c24978e531&gdpr=0&gdpr_consent=
date
Wed, 06 Dec 2023 03:21:07 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame B055
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZW-oo8Co8YEAAI3NKWIAAAAA
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZW-oo8Co8YEAAI3NKWIAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 06 Dec 2023 03:21:07 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.208","key":"ZW-oo8Co8YEAAI3NKWIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad446"}
X-SO-Key
ZW-oo8Co8YEAAI3NKWIAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad446
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZW-oo8Co8YEAAI3NKWIAAAAA
Cache-Control
private
X-SO-HostName
m-ad446.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng29.dc4p.scaleout.jp
X-SO-IP
209.58.162.208
sd
jp-u.openx.net/w/1.0/ Frame B055
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfrFeoNixIyyks8AEDt7NyLGDc8AAAGMPSS_MQ
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfrFeoNixIyyks8AEDt7NyLGDc8AAAGMPSS_MQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfrFeoNixIyyks8AEDt7NyLGDc8AAAGMPSS_MQ
cache-control
no-cache
content-length
0
x-amz-cf-id
3EstDQjMM4hz6wJFvbFP5sBMtZRX1xULeF_amDWo3_muyDaW5s8zgg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame B055
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTI0NjNkMjUtNDkxMS02ZDQ3LTYxN2UtMzM3YjgzOWEyYjUx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B055
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDNl3ns8qeJ-ErmszecXCgc&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDNl3ns8qeJ-ErmszecXCgc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDNl3ns8qeJ-ErmszecXCgc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0ABC
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4020023&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7a80e490fa3c87dd1803a9e5e7c07cb5b306ad0cf8f7315ba5c1d0ece041fa06

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 06 Dec 2023 03:21:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/
335 B
178 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725351638077738&correlator=696989402307765&eid=31078987%2C31079946%2C44807689%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&iu_parts=18190176%3A22575277881%2CAdThrive_Footer_1%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1&fluid=height&ifi=5&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie=ID%3D2fafa39a07e59314%3AT%3D1701832866%3ART%3D1701832866%3AS%3DALNI_MZBRqzesL5GyaMTx_vHS8x0cov3Xw&gpic=UID%3D00000ca5b7a05ae7%3AT%3D1701832866%3ART%3D1701832866%3AS%3DALNI_Mb-P9tN60UmtBJ6fVdwWDtcvXihHw&abxe=1&dt=1701832867555&adxs=200&adys=1130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&vis=1&psz=1600x10543&msz=1600x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1019424960.1701832866&ga_sid=1701832866&ga_hid=167053836&ga_fc=false&a3p=Eo4DCggxODE5MDE3NhL4AmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU5ETTNORFV5WkRFdFlXRm1aQzAwTkRRMkxXRXhZamN0WmpZMVltSXdNemcxWW1JNUlpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJJa0pCWDFKRVZGSXhJaXdpYVdGaVlWODNNVGtpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZTeDdJbk52ZFhKalpTSTZJbk5sYm5NaUxDSmtZWFJoSWpwYkltRnNZeUlzSW1GemRDSXNJbU5pWkNJc0ltUmhkQ0lzSW1kaGJYWWlMQ0p3YjJ3aUxDSnpjM0lpTENKemNtZ2lMQ0p6YTJVaUxDSjNkR3dpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZWMTkY9OOS6cMxSAE.&dlt=1701832861444&idt=2666&ppid=f219785445e84bc8be5e4683d1f7cb55&prev_scp=location%3DFooter%26sequence%3D1%26id%3DAdThrive_Footer_1_desktop%26ATF%3Dtrue%26sticky%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D80%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253A8c79bf80-f93b-4bd2-8cfe-a1f2e90315b7%2Cidp%253Ashl%2Cidp%253Auid1%2Cidp%253Amrk%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cidp%253Amgncrbn%2Cfv%253Af%2Chbf%253A0.00%2Coseq%253A1%26hb_bidder%3DnoBid&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A54%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.47.0%252Crf%253A0%252Cppid%253Ano_id5StorageAvail_sharedIdSent%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A4%254025%252Cflrml1%253Acm%254010%252Cfto%253A4%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253A33across%254025%252Chbho%253Aconcert%25405%252Chbho%253Aresetdigital%254090%252Coptd%253Aoff%2540100%252Cidho%253AFTrackId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253A20s%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2700%254015%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A6s%25405%252Cvasttoisv%253A15s%254060%252Cvasttoosv%253A5s%254060%252Cproto%253Aall%254055%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A15%254060%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253A5.10%254010%252Cdcsllm_ss%253Aundefined%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A300%254025%252Ccsync_lim%253A0%254025%252Crpbs%253Aoff%254090%252Crmos1%253Aoff%254099%252Csocon%253A1%254033%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aoff%25401%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A2100%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aon%254025%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Cmgtdtw%253A0%254080%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D112%26st%3D195%26rsi%3D113%26pvk%3D01HGYJ9C2S3Q99MGV4DS2PTBNT%26sess%3D01HGYJ9C2S8FZW2KY5GRZM37PC%26branch%3D19998d0%26deployment%3Dstable%26hbho%3D33across%252Cconcert%252Cresetdigital%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Cst%252Csb%252Csv%252Ctl%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311300101%26gpid%3Dgpid%2520unavailable%26id_region%3Do%26sens_off%3Dske%26connection%3Dniet%253A4g%252Cdl%253A9.8%26ccpaOptOut%3D0%26fpv%3D1%26mcmp%3DBA_RDTR1%252Ciaba_719%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=3289955659&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
768c2df99a7a6ebc17442235a396dc34f4eb24fcf743c7366595d7281f7dad11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/sync/ Frame 00F1
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame 08E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4625678882631691475&gdpr=0&gdpr_consent=
42 B
447 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4625678882631691475&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 06 Dec 2023 03:21:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9ca97466-7779-4cbd-bb6d-e89e5b558437
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 06 Dec 2023 03:21:07 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4625678882631691475&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame FA7D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=41e1c376-f691-3dd1-91c7-60bb7b0bbbc0&ssp=pubmatic&bsw_param=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
244 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 06 Dec 2023 03:21:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 06 Dec 2023 03:21:08 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=fdcda54b-47b1-4c2c-ae08-30e3ed8e2872&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
setuid
prebid-server.rubiconproject.com/ Frame 022D
0
696 B
Document
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=96DECE01-6CC4-4980-845E-7FC80B277327
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0ABC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lt7OAWzESYCEXn_ICydzJw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.44.0.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-0-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=21868
accept-ranges
bytes
content-length
5622
expires
Wed, 06 Dec 2023 09:25:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0ABC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=96DECE01-6CC4-4980-845E-7FC80B277327
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=96DECE01-6CC4-4980-845E-7FC80B277327
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=437452d1-aafd-4446-a1b7-f65bb0385bb9&ttd_puid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
date
Wed, 06 Dec 2023 03:21:07 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 0ABC
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=96DECE01-6CC4-4980-845E-7FC80B277327&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.232.112 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-232-112.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.25.13
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 0ABC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=96DECE01-6CC4-4980-845E-7FC80B277327&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=96DECE01-6CC4-4980-845E-7FC80B277327&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=96DECE01-6CC4-4980-845E-7FC80B277327&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:20:36 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:20:36 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=96DECE01-6CC4-4980-845E-7FC80B277327&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTZERUNFMDEtNkNDNC00OTgwLTg0NUUtN0ZDODBCMjc3MzI3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 06 Dec 2023 00:28:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHXzLjOgiDL0d_MMMdtDuiQ&google_cver=1
42 B
346 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHXzLjOgiDL0d_MMMdtDuiQ&google_cver=1
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHXzLjOgiDL0d_MMMdtDuiQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DF7D98AD37DE49BAACD4E305048507FA
42 B
403 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DF7D98AD37DE49BAACD4E305048507FA
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 05 Dec 2023 22:15:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 06 Dec 2023 03:21:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DF7D98AD37DE49BAACD4E305048507FA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 05 Dec 2023 03:21:07 GMT
96DECE01-6CC4-4980-845E-7FC80B277327
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0ABC
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/96DECE01-6CC4-4980-845E-7FC80B277327?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a03:2695:bb01:84bf:8ae6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=
42 B
315 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=
date
Wed, 06 Dec 2023 03:21:07 GMT
server
Kestrel
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4004401939369620632&gdpr=0&gdpr_consent=&us_privacy=
1 B
218 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4004401939369620632&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4004401939369620632&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 0ABC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=96DECE01-6CC4-4980-845E-7FC80B277327&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFO9X3xE2uXFcrDzCT_IH1ApT6QVRFg-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFO9X3xE2uXFcrDzCT_IH1ApT6QVRFg-~A&gdpr=0
Protocol
H2
Server
67.199.150.85 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XFO9X3xE2uXFcrDzCT_IH1ApT6QVRFg-~A&gdpr=0
date
Wed, 06 Dec 2023 03:21:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ads
securepubads.g.doubleclick.net/gampad/
337 B
185 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3725351638077738&correlator=3680574742340056&eid=31078987%2C31079946%2C44807689%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311300101&ptt=17&impl=fifs&us_privacy=1YNY&tfcd=0&iu_parts=18190176%3A22575277881%2CAdThrive_Sidebar_9%2C5e0fcd6517a8be5a76a36c71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C320x50%7C300x50%7C320x100%7C250x250%7C120x240%7C300x300&fluid=height&ifi=6&sfv=1-0-40&fsbs=1&eri=5&sc=1&cookie=ID%3D2fafa39a07e59314%3AT%3D1701832866%3ART%3D1701832866%3AS%3DALNI_MZBRqzesL5GyaMTx_vHS8x0cov3Xw&gpic=UID%3D00000ca5b7a05ae7%3AT%3D1701832866%3ART%3D1701832866%3AS%3DALNI_Mb-P9tN60UmtBJ6fVdwWDtcvXihHw&abxe=1&dt=1701832867618&adxs=1005&adys=989&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfieldmoney.com%2Ftravel-gear%2Fmatador%2Ftransit30-2-0&vis=1&psz=350x250&msz=350x250&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1019424960.1701832866&ga_sid=1701832866&ga_hid=167053836&ga_fc=false&a3p=Eo4DCggxODE5MDE3NhL4AmV5SnphV2R1WVd4eklqcGJleUp6YjNWeVkyVWlPaUpoWkhObGNuWmxjaTV2Y21jaUxDSmtZWFJoSWpvaU5ETTNORFV5WkRFdFlXRm1aQzAwTkRRMkxXRXhZamN0WmpZMVltSXdNemcxWW1JNUlpd2lhWE5RZFdKRGNtVmhkR1ZrSWpwMGNuVmxmU3g3SW5OdmRYSmpaU0k2SW0xamJYQWlMQ0prWVhSaElqcGJJa0pCWDFKRVZGSXhJaXdpYVdGaVlWODNNVGtpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZTeDdJbk52ZFhKalpTSTZJbk5sYm5NaUxDSmtZWFJoSWpwYkltRnNZeUlzSW1GemRDSXNJbU5pWkNJc0ltUmhkQ0lzSW1kaGJYWWlMQ0p3YjJ3aUxDSnpjM0lpTENKemNtZ2lMQ0p6YTJVaUxDSjNkR3dpWFN3aWFYTlFkV0pEY21WaGRHVmtJanAwY25WbGZWMTkY9OOS6cMxSAE.&dlt=1701832861444&idt=2666&ppid=f219785445e84bc8be5e4683d1f7cb55&prev_scp=location%3DSidebar%26sequence%3D9%26id%3DAdThrive_Sidebar_9_desktop%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D70%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dtid%253Ab942f24e-abdf-400a-b953-a55d2bef0124%2Cidp%253Ashl%2Cidp%253Auid1%2Cidp%253Amrk%2Cidp%253Acri%2Cidp%253Afab%2Cidp%253Aftr%2Cidp%253Aliid%2Cidp%253Amgncrbn%2Cfv%253Af%2Chbf%253A0.00%2Coseq%253A9%26hb_bidder%3DnoBid&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A54%252Cbrwsrv%253A119.0.6045.199%252Cpmp_elig%253A1%252Clf_elig%253A1%252Cclson%253Atrue%252CclsBranch%253A3fe49da%252CclsBucket%253Aprod%252Cintegration%253Aplugin%252Clmdv%253A1.47.0%252Crf%253A0%252Cppid%253Ano_id5StorageAvail_sharedIdSent%26siteId%3D5e0fcd6517a8be5a76a36c71%26organizationId%3D6233884d2bb0fa708866afdc%26siteName%3DPack%2520Hacker%26verticals%3DTravel%26abgroup%3Damzn%253Aon%252Cwvtls%253Aoff%254075%252Cmto%253A4%254025%252Cflrml1%253Acm%254010%252Cfto%253A4%254025%252Callbho%253Aoff%25400%252Cloglev%253Aoff%254099%252Chbho%253A33across%254025%252Chbho%253Aconcert%25405%252Chbho%253Aresetdigital%254090%252Coptd%253Aoff%2540100%252Cidho%253AFTrackId%252Cpbs2s%253A33across%2540100%252Cpbs2s%253Aconversant%2540100%252Cpbs2s%253Aimprove_ss%2540100%252Cpbs2s%253Apubm_ss%2540100%252Cpbs2s%253Aresetdigital%2540100%252Cpbs2s%253Aunder_ss%2540100%252Cpbs2s%253Aunruly%2540100%252Cpbs2s%253Ayieldmo%2540100%252Cpbs2s%253Aadform%2540100%252Cadt2%253A500%254085%252Cs2sparam%253Aon%254099%252Cmultirefauc%253A20s%254010%252Ccoldr%253Aboth%2540100%252Ckrgodr%253Aclient%254095%252Copnxdr%253Aboth%254098%252Cmagnitedr%253Aboth%254098%252Ctripleliftdr%253Aboth%254098%252Cyahoodr1%253Aboth%254098%252Cito_ds%253A2700%254015%252C3pho%253Anone%254095%252Cvbho%253Aresetdigital%254090%252Cvbho%253A33across%2540100%252Coptv%253Aoff%2540100%252Ccbt%253A6s%25405%252Cvasttoisv%253A15s%254060%252Cvasttoosv%253A5s%254060%252Cproto%253Aall%254055%252Cpbm%253Aon%252Caddur%253Aoff%254097%252Cadlifecyc%253Aoff%254090%252CreqTo%253A15%254060%252Cvadv%253Aon%252Cosp%253A2%2540100%252Cdofre%253Aoff%254099%252Csoblp%253Aoff%254095%252Ccsp%253Aon%2540100%252Cvmaxdur%253A30%254098%252Cjwpv%253A8.30.0%254099%252Csmhd100%253Aoff%252Cconmax99%253Aoff%252Cdcsll_ss2%253A5.10%254010%252Cdcsllm_ss%253Aundefined%252Cainv2%253A1000%2540100%252Cscre%253Aon%252Cpbsflr1%253Aoff%254095%252Cs2sbuff%253A300%254025%252Ccsync_lim%253A0%254025%252Crpbs%253Aoff%254090%252Crmos1%253Aoff%254099%252Csocon%253A1%254033%252Crtbf%253Aon%2540100%252Cdco%253Arelaxed%2540100%252Cdajto%253Aon%2540100%252Cjwb%253Aon%254095%252Cfldg%253Aon%254050%252Cvpred_1%253A0.9%254096%252Ccrtvmon%253Aoff%254090%252Coxli%253Aoff%2540100%252Cpba%253Anone%254099%252Camzn_hold_disp%253Aoff%254050%252Caddens%253Aoff%254075%252Cbmetrics%253Aoff%25401%252Cspa%253Aoff%25400%252Cfcp%253AtopLeft%2540100%252Cconfiant1%253Aoff%254090%252Cscae%253Aon%252Cessa%253Aon%252Cdssmh%253A2100%254010%252Cdssc%253A25%254025%252Crrc%253Aoff%252Crefsoflr%253A0%254080%252Cssff%253Aon%2540100%252Cjtte%253Aon%2540100%252Clogcls%253Aoff%254090%252Cmgncrbn%253Aon%254025%252Cnlsentrckr%253Aoff%2540100%252Crebuildslot%253Aon%254095%252Csre%253Aoff%2540100%252Cupl%253Aoff%254075%252Cdatapriv%253Aoff%254090%252Cvcsu%253Aon%2540100%252Cssau%253Aoff%2540100%252Cpale%253Aoff%254099%252Cdsle%253AContinuing%2520without%2520bids%254099%252Cdsle%253Axhr%2520timeout%2520after%254099%252Cmgtdtw%253A0%254080%26idho_p%3Did5Id%253A50%252CidentityLink%253A1%252CpairId%253A1%252CunifiedId%253A1%252CunifiedId2%253A1%252CsharedId%253A1%252Ccriteo%253A5%252CconnectId%253A5%252CfabrickId%253A5%252CFTrackId%253A95%252C33acrossId%253A5%252CliveIntentId%253A1%252ClotamePanoramaId%253A5%252CmerkleId%253A25%252CmerkuryId%253A5%26bucket%3Dprod%26sens%3Dalc%252Cast%252Ccbd%252Cdat%252Cgamv%252Cpol%252Cssr%252Csrh%252Cske%252Cwtl%26domain%3Dgfieldmoney.com%26plugin%3Dadthrive-ads-3.5.2%26vpwxvph%3D1600x1200%26ri%3D112%26st%3D195%26rsi%3D113%26pvk%3D01HGYJ9C2S3Q99MGV4DS2PTBNT%26sess%3D01HGYJ9C2S8FZW2KY5GRZM37PC%26branch%3D19998d0%26deployment%3Dstable%26hbho%3D33across%252Cconcert%252Cresetdigital%26vbho%3Dresetdigital%252C33across%26doba%3Dix%252Cmn%252Cox%252Cpu%252Cun%252Cma%252Cst%252Csb%252Csv%252Ctl%252Cmg%252Cxr%252Cot%252Cax%252Cch%252Ccr%252Cgg%252Ckg%252Ctd%252Cym%26gptv%3D202311300101%26gpid%3Dgpid%2520unavailable%26id_region%3Do%26sens_off%3Dske%26connection%3Dniet%253A4g%252Cdl%253A9.8%26ccpaOptOut%3D0%26fpv%3D1%26mcmp%3DBA_RDTR1%252Ciaba_719%26site_code%3DAFOI_2020%252CATZN_2020%252CEXFP_2020%252CEXHFCE_2021%252CGLDM_2021%252CGLU_2023%252CHUSA_2023%252CLBM_LS_2020%252CMIQWO_2022%252CMRLOI_22%252CNSTLE_22%252CREI_2021%252CSCPE_2023%252CTGNAF_21%252CTRGT_022020%252CTRVL_2021%252CTYS_062019%252CVITFM_21%26marmalade%3Dtrue&adks=3914515865&frm=20
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
463b944946c7cb362ad733e36f814dc75567d1f13612fa9c1b36c432ba399a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gfieldmoney.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1Y...
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26acc...
  • https://sync.targeting.unrulymedia.com/csync/RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004
86 B
983 B
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004
date
Wed, 06 Dec 2023 03:21:08 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX80a750f46bea4e5699ae0b3841f104dd004
content-type
text/html
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1YNY&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3zh8t6m223mx0YnAhFmy&gdpr=&gdpr_consent=&us_privacy=1YNY
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3zh8t6m223mx0YnAhFmy&gdpr=&gdpr_consent=&us_privacy=1YNY
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:08 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3zh8t6m223mx0YnAhFmy&gdpr=&gdpr_consent=&us_privacy=1YNY
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1YNY&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=9be3d123-b6c3-4a4f-a6f3-c5d1fe4aab47
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=9be3d123-b6c3-4a4f-a6f3-c5d1fe4aab47
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://prebid-server.rubiconproject.com/setuid?bidder=colossus&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=9be3d123-b6c3-4a4f-a6f3-c5d1fe4aab47
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=rubicon&puid={Publisher%20UID}&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dresetdigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=00000120B545EA51
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=00000120B545EA51
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=resetdigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=00000120B545EA51
date
Wed, 06 Dec 2023 03:21:09 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
SPug
simage4.pubmatic.com/AdServer/ Frame 0ABC
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAds&uid=y-u420zRdE2uF1K2QuyhU7rJxOcAl3Pqs8~A
86 B
1 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAds&uid=y-u420zRdE2uF1K2QuyhU7rJxOcAl3Pqs8~A
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAds&uid=y-u420zRdE2uF1K2QuyhU7rJxOcAl3Pqs8~A
date
Wed, 06 Dec 2023 03:21:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidde...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=225699c9d43a1ee2&is_secure=true&version=1&networkId=72582&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&rurl=https%3A%2F%2Fprebid...
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAK-M0vzWLxogNbjB7YAAAAAAA&expiration=1701919269
86 B
2 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAK-M0vzWLxogNbjB7YAAAAAAA&expiration=1701919269
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:09 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=AAAK-M0vzWLxogNbjB7YAAAAAAA&expiration=1701919269
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_con...
  • https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=c5f5b3ba-7434-4dee-9538-0ce1142f2087
86 B
2 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=c5f5b3ba-7434-4dee-9538-0ce1142f2087
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=i&uid=c5f5b3ba-7434-4dee-9538-0ce1142f2087
access-control-allow-origin
*
date
Wed, 06 Dec 2023 03:21:10 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
hde.tynt.com/deb/ Frame B9F0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26g...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_cons...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_con...
2 KB
3 KB
Document
General
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
91d11e0157cbaeaa5fa9a12dc2bf19b1a979cf25200a72587c646787e9997c64

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2350
content-type
text/html
date
Wed, 06 Dec 2023 03:21:11 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 06 Dec 2023 03:21:10 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usync.html
eus.rubiconproject.com/ Frame C7EA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1YNY
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Dec 2023 03:21:11 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 06 Dec 2023 03:21:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 9042
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701832871536.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privac...
991 B
575 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
59bacd21e86203ceaa31aab06b3d31b012e39025da70160ec59760358a4e2122

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
554
content-type
text/html
date
Wed, 06 Dec 2023 03:21:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
timing-allow-origin
*
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Wed, 06 Dec 2023 03:21:10 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP016
x-33x-status
40000000008200000A
setuid
prebid-server.rubiconproject.com/ Frame B9F0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1701832871536.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212368127857613
0
2 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212368127857613
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=&f=b&uid=212368127857613
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame B9F0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=1YNY&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1YNY%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&xi=45&xu=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&ts=1701832871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
117 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&ts=1701832871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347&ts=1701832871&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame B9F0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1YNY&ts=1701832871536.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=90&external_user_id=4625678882631691475
68 B
117 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=90&external_user_id=4625678882631691475
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
an-x-request-uuid
49357c60-709e-4c45-a1c6-1f5be8ebd4c7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=90&external_user_id=4625678882631691475
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame B9F0
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&_rand=1701832871536.6
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&_rand=1701832871536.6&expected_cookie=cd5f1ad5-fef9-45c2-b2dd-bbc6b7867e98
0
360 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&_rand=1701832871536.6&expected_cookie=cd5f1ad5-fef9-45c2-b2dd-bbc6b7867e98
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9E5B8DDE14964978864DD74FE6A5BF8D Ref B: SIN30EDGE0109 Ref C: 2023-12-06T03:21:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLztfWuxnB2ehK+a9NSg==

Redirect headers

date
Wed, 06 Dec 2023 03:21:12 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 48ED9A99F4364D37B56721A982BE659F Ref B: SIN30EDGE0109 Ref C: 2023-12-06T03:21:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=15927&puuid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&_rand=1701832871536.6&expected_cookie=cd5f1ad5-fef9-45c2-b2dd-bbc6b7867e98
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLztfPhldHa+6xW6DFWA==
receive
pixel.tapad.com/idsync/ex/ Frame B9F0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&random=1701832871536.7&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2F...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=41354556178144488982024293871141119278&pt=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=41354556178144488982024293871141119278&pt=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-usw2-1-v050-0ab9a298d.edge-usw2.demdex.com 2 ms
pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
YTIO9op5R4Q=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=41354556178144488982024293871141119278&pt=0e6f2c76-0700-4bee-8fe0-4c3de0855ec2%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
mapuid
secure.adnxs.com/ Frame B9F0
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=LOlMT2Vv6KcEKS0Nb2rLoQ%3D%3D&us_privacy=1YNY&random=1701832871536.8&pu=
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212368127857613&seg_code=33x&random=1701832871
43 B
825 B
Image
General
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212368127857613&seg_code=33x&random=1701832871
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
an-x-request-uuid
a02b33b8-fa04-4647-b6fa-26f61b746340
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
402044000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212368127857613&seg_code=33x&random=1701832871
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame C7EA
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b3132773c991b323a1a5dc491df586cefe6a8ef7021edbe2afc4c16303e0ad74

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1YNY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 03:21:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2023 06:39:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11836
Connection
keep-alive
Content-Length
13236
Expires
Wed, 06 Dec 2023 06:38:27 GMT
khaos.json
token.rubiconproject.com/ Frame C7EA
7 B
820 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
match
events-ssc.33across.com/ Frame C7EA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1YNY&us_privacy=1YNY&khaos=LPT7CI83-28-CAV0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LPT7CI83-28-CAV0&us_privacy=1YNY
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPT7CI83-28-CAV0&ts=1701832872&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
68 B
117 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPT7CI83-28-CAV0&ts=1701832872&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LPT7CI83-28-CAV0&ts=1701832872&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1YNY
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ecm3
s.amazon-adsystem.com/ Frame C7EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNY
  • https://s.amazon-adsystem.com/ecm3?id=LPT7CI83-28-CAV0&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPT7CI83-28-CAV0&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GTGN8NABTPHM8Y5S35VA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPT7CI83-28-CAV0&ex=d-rubiconproject.com&status=ok&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
ecm3
s.amazon-adsystem.com/ Frame C7EA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNY
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNY&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yHpxc-6QQrSvWoBSQjDM3Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHpxc-6QQrSvWoBSQjDM3Q
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHpxc-6QQrSvWoBSQjDM3Q
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
16J18P8TMZN5AF4P97WZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yHpxc-6QQrSvWoBSQjDM3Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C7EA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=&expires=30
42 B
885 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=437452d1-aafd-4446-a1b7-f65bb0385bb9&gdpr=0&gdpr_consent=&expires=30
date
Wed, 06 Dec 2023 03:21:11 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame C7EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbA3kXbR9LdDBVbu6DWGv4&google_cver=1
42 B
885 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbA3kXbR9LdDBVbu6DWGv4&google_cver=1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIbA3kXbR9LdDBVbu6DWGv4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame C7EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNY
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPT7CI83-28-CAV0&us_privacy=1YNY
0
513 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPT7CI83-28-CAV0&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0AB7FD327CF745E694491FD90DE44952 Ref B: SIN30EDGE0109 Ref C: 2023-12-06T03:21:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLztfPEf4abTNRm9/Tdg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPT7CI83-28-CAV0&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C7EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBUN0NJODMtMjgtQ0FWMA==&us_privacy=1YNY
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE1-m6UUqGDzgDhUve-6CDU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBUN0NJODMtMjgtQ0FWMA==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBUN0NJODMtMjgtQ0FWMA==&google_push=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBUN0NJODMtMjgtQ0FWMA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C7EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNY
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/4a21DdUTQpm8R-ldX0pqVMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YNY
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dsN7RVxE2oJNMVGPoLAmPhyL0CIsp5WEDXQA.A--~A
42 B
885 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dsN7RVxE2oJNMVGPoLAmPhyL0CIsp5WEDXQA.A--~A
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 06 Dec 2023 03:21:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dsN7RVxE2oJNMVGPoLAmPhyL0CIsp5WEDXQA.A--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame C7EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNY
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMwM2ZkN2Q0OTYwOWM2NTY0Y2QwZDUzZTcyYzEyNzdjNjkxZWU1NA&us_privacy=1YNY
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMwM2ZkN2Q0OTYwOWM2NTY0Y2QwZDUzZTcyYzEyNzdjNjkxZWU1NA&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMwM2ZkN2Q0OTYwOWM2NTY0Y2QwZDUzZTcyYzEyNzdjNjkxZWU1NA&us_privacy=1YNY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C7EA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNY
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNY&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Op0llqb0TxuEStEaKxN5KA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Op0llqb0TxuEStEaKxN5KA
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Op0llqb0TxuEStEaKxN5KA
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WCKH0JTSR49B8A96RVSG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Op0llqb0TxuEStEaKxN5KA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C7EA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNY
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNY&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFC607K39EAABPcoP8UnA&expires=30
91 B
91 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFC607K39EAABPcoP8UnA&expires=30
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
content-length
91
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFC607K39EAABPcoP8UnA&expires=30
Date
Wed, 06 Dec 2023 03:21:12 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame C7EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1YNY
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPT7CI83-28-CAV0&us_privacy=1YNY
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPT7CI83-28-CAV0&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
an-x-request-uuid
c79b4ca9-d5c7-4212-b872-d6298d40ad4a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
209.58.162.208; 209.58.162.208; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPT7CI83-28-CAV0&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
pixel
capi.connatix.com/us/ Frame C7EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNY
  • https://capi.connatix.com/us/pixel?puid=LPT7CI83-28-CAV0&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY
  • https://capi.connatix.com/us/pixel?puid=LPT7CI83-28-CAV0&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
82 B
82 B
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LPT7CI83-28-CAV0&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
831165bb2f1a5fce-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPT7CI83-28-CAV0&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNY&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
831165b9dd765fce-SIN
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame C7EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&us_privacy=1YNY
  • https://ce.lijit.com/merge?pid=80&3pid=LPT7CI83-28-CAV0&us_privacy=1YNY
  • https://ce.lijit.com/merge?pid=80&3pid=LPT7CI83-28-CAV0&us_privacy=1YNY&dnr=1
43 B
664 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPT7CI83-28-CAV0&us_privacy=1YNY&dnr=1
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LPT7CI83-28-CAV0&us_privacy=1YNY&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame C7EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNY
  • https://prebid.a-mo.net/setuid/magnite?uid=LPT7CI83-28-CAV0&us_privacy=1YNY
0
451 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPT7CI83-28-CAV0&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPT7CI83-28-CAV0&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
v1
match.sharethrough.com/sync/ Frame C7EA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1YNY
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPT7CI83-28-CAV0&us_privacy=1YNY
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPT7CI83-28-CAV0&us_privacy=1YNY
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
52.77.135.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPT7CI83-28-CAV0&us_privacy=1YNY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
cksync
hb.yahoo.net/ Frame C7EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPT7CI83-28-CAV0&redir=true&us_privacy=1YNY
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPT7CI83-28-CAV0&redir=true&us_privacy=1YNY
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yMHpnTXBaRTJ1RjFxa0RpLlc2VDdyRHZTRHZQZTd4aX5B&ovsid=LPT7CI83-28-CAV0&us_privacy=1YNY&dpid=58160
53 B
646 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yMHpnTXBaRTJ1RjFxa0RpLlc2VDdyRHZTRHZQZTd4aX5B&ovsid=LPT7CI83-28-CAV0&us_privacy=1YNY&dpid=58160
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1YNY&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1YNY%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
42.99.140.152 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-152.pacnet.net
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 06 Dec 2023 03:21:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 06 Dec 2023 03:21:12 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0yMHpnTXBaRTJ1RjFxa0RpLlc2VDdyRHZTRHZQZTd4aX5B&ovsid=LPT7CI83-28-CAV0&us_privacy=1YNY&dpid=58160
date
Wed, 06 Dec 2023 03:21:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
events-ssc.33across.com/ Frame 9042
68 B
216 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1YNY&bidder_id=70&external_user_id=c842e281-5eed-030c-18a9-6612432c776e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 9042
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=bku868F41RaIth5
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=bku868F41RaIth5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:11 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-083f2e64da6706325@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=bku868F41RaIth5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9042
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZW-oqAAE0D5fBgBd
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZW-oqAAE0D5fBgBd&_test=ZW-oqAAE0D5fBgBd
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZW-oqAAE0D5fBgBd&_test=ZW-oqAAE0D5fBgBd
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-qpg1222-QPG
pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701832872.215002,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZW-oqAAE0D5fBgBd&_test=ZW-oqAAE0D5fBgBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame 9042
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
jp-u.openx.net/w/1.0/ Frame 9042
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57h3LC00KBDAK007eOCw
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=57h3LC00KBDAK007eOCw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Wed, 06 Dec 2023 03:21:12 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=57h3LC00KBDAK007eOCw
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pxd
dps.jp.cinarra.com/ Frame 9042
0
38 B
Image
General
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=d89b73ef-9eb3-c9af-7e96-db96dae45acf
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.54.179 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-54-179.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:12 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 9042
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=amdrqhAUW0tSTvAgqRUw-tE6otA
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=amdrqhAUW0tSTvAgqRUw-tE6otA
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=amdrqhAUW0tSTvAgqRUw-tE6otA
Date
Wed, 06 Dec 2023 03:21:12 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
2aee88ab-10ca-a1aa-4549-7f37b62f2878
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9042
43 B
600 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2aee88ab-10ca-a1aa-4549-7f37b62f2878?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a03:2695:bb01:84bf:8ae6 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:21:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame 9042
0
0

dds
rtb.openx.net/sync/ Frame 9042
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=YX9k0yngis2S6iV1mmHfiw==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 03:21:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 9042
43 B
243 B
Image
General
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=1YNY&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1YNY%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Dec 2023 03:21:14 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
d9f96d0186
bam.nr-data.net/events/1/
24 B
334 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/d9f96d0186?a=1056638457&v=1.248.0&to=NgZRbRZUXERYAUZeCQ9MZksNGltZXQdKGRYJEw%3D%3D&rst=14202&ck=0&s=ddebcef94fd05144&ref=https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:14 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-qpg1245-QPG
d9f96d0186
bam.nr-data.net/events/1/
24 B
329 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/d9f96d0186?a=1056638457&v=1.248.0&to=NgZRbRZUXERYAUZeCQ9MZksNGltZXQdKGRYJEw%3D%3D&rst=14206&ck=0&s=ddebcef94fd05144&ref=https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Requested by
Host: gfieldmoney.com
URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 06 Dec 2023 03:21:14 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://gfieldmoney.com
access-control-allow-credentials
true
Connection
close
Content-Length
24
x-served-by
cache-qpg1262-QPG
setuid
prebid-server.rubiconproject.com/
86 B
2 KB
Image
General
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=1YNY&gpp=&gpp_sid=&account=9262&f=i&uid=LPT7CI83-28-CAV0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.ytimg.com
URL
https://i.ytimg.com/vi/-UrblOSv38k/maxresdefault.jpg
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=111
Domain
cdn.jwplayer.com
URL
https://cdn.jwplayer.com/manifests/N7dniXtO.m3u8?max_resolution=1280
Domain
id5-sync.com
URL
https://id5-sync.com/c/367/821/1/8.gif?puid=4d7de81e-1aec-4868-b362-e804e2838037&gdpr=0&gdpr_consent=
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| fp object| NREUM object| webpackChunk:NRBA-1.248.0.PROD object| newrelic object| adthriveCLS object| adthrive object| cls_disable_ads object| cls_header_insertion function| nonPmrpcWorker function| nonPmrpcSharedWorker object| pmrpc object| Memberful function| insertAfter function| createDiv object| swv object| wpcf7 function| $ function| jQuery string| appurl object| a3_lazyload_params object| a3_lazyload_extend_params object| StyleFix object| PrefixFree function| ConicGradient object| addComment function| fbq function| _fbq object| pbjs object| apstag object| googletag object| _pbjsGlobals object| _aps boolean| apstagLOADED object| ggeac object| google_tag_data object| google_js_reporting_queue function| __uspapi object| _comscore object| confiant object| liQ_instances object| D9v object| D9r object| apscustom object| COMSCORE object| ns_p object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| jwDefaults object| webpackChunkjwplayer function| jwplayer undefined| google_measure_js_timing string| send object| d9PendingXDR object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| regeneratorRuntime object| ID5 object| __id5_instances object| closure_lm_460219 object| closure_lm_3593 number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

126 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: 43965f6b-4f6d-4fa1-837d-b7f0c288504d
.adsrvr.org/ Name: TDID
Value: 437452d1-aafd-4446-a1b7-f65bb0385bb9
.memberful.com/ Name: __cf_bm
Value: OBFEiaKuwGU7BSblW__xYkk8HlFz7rsU1SqgRxK8yEI-1701832861-0-AQEi1yZ/WKfMaa5+nqMJpov3MA9M3QrIxnNO0J3+0dhcuH97a68oa1EsipFJgyztO95uTU39zM1WinNpBztrN0M=
.gfieldmoney.com/ Name: _fbp
Value: fb.1.1701832862786.2095198718
gfieldmoney.com/ Name: __adblocker
Value: false
gfieldmoney.com/ Name: usprivacy
Value: 1YNY
gfieldmoney.com/ Name: ccuid
Value: bde6b73e-4560-47f2-af7f-f98c560c2d9d
gfieldmoney.com/ Name: ccsid
Value: ff047fa3-38b1-4b5e-a66f-45ec7e8ff0c6
gfieldmoney.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.gfieldmoney.com/ Name: _li_dcdm_c
Value: .gfieldmoney.com
.gfieldmoney.com/ Name: _lc2_fpi
Value: 554e01b63a9f--01hgyj9c5ey4ghxgdw9serm474
gfieldmoney.com/ Name: _lr_retry_request
Value: true
gfieldmoney.com/ Name: _lr_env_src_ats
Value: false
.yahoo.com/ Name: A3
Value: d=AQABBJ_ob2UCEO0GPrFOIanozoZY02vB61MFEgEBAQE6cWV5Za9E8HgB_eMAAA&S=AQAAAjHmw8vXDRailm-ZO8pi05Y
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: db4b886be58513f358841e848908d43b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEkySbKwMEtKNbUwNTROMza1sDAxTLUwsbA0sEgxMU5iAILU%2FBfzQTQUAABRDArF"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIzX8xH0hBAQAc8AJc"
.gfieldmoney.com/ Name: panoramaId_expiry
Value: 1701919263982
.gfieldmoney.com/ Name: _cc_id
Value: db4b886be58513f358841e848908d43b
.gfieldmoney.com/ Name: cto_bundle
Value: 6SVtKl91cEt2MXJ2OEhmNlliamtvbjBXdVdsZSUyRm1QR1dkZTE4YzVCRlBuOHM3aEpuUGNlWGRnd0RtemlVS0JHNkFMZzBRcm5CZmVPQ1h3Sm9oZWtpS2NHMUJWcHZHS3JnanNrJTJCcmM4MzFWUEZMTDdDNm1VTDlRTlBGNzdWRkdzamk2TE0
.gfieldmoney.com/ Name: cto_bidid
Value: JvpT5V9PcXglMkIyMktGcTFGcFZXVmNrbTNPS2cyM0h2WFIyMElIbVpaRkZ0M25zTXdFcEMzdyUyQmZKUml3QXZVUW9hRE9vUmJBalE4eiUyRndZR0xUZXplZE03Y2Z1ZyUzRCUzRA
.scorecardresearch.com/ Name: UID
Value: 174aac49799f75c4a2665861701832864
.rubiconproject.com/ Name: khaos
Value: LPT7CI83-28-CAV0
.flashtalking.com/ Name: _D9J
Value: c49b980930fd482d8d57ff056aae8a7c
.rkdms.com/ Name: sessionid
Value: h-a86d9e1e857f4bbfa84293466d375b78_t-1701832864
.agkn.com/ Name: ab
Value: 0001%3AFYeTnj37kqNBFYH9IhmL1xSY4sNQOLoD
.gfieldmoney.com/ Name: __li_idex_cache_e30
Value: %7B%7D
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.kargo.com/ Name: ktcid
Value: d3f610d4-6265-0dbd-1cb5-c8dbfbd4a2d9
.teads.tv/ Name: tt_viewer
Value: e76cba0d-fd06-423e-8049-23b3d508db51
.gumgum.com/ Name: cs
Value: true
.liadm.com/ Name: lidid
Value: 43965f6b-4f6d-4fa1-837d-b7f0c288504d
.gumgum.com/ Name: vst
Value: a_2e6f2988-7c51-423d-bef8-058e68decac2
.ccgateway.net/ Name: ccuid
Value: bde6b73e-4560-47f2-af7f-f98c560c2d9d
.gfieldmoney.com/ Name: __gads
Value: ID=2fafa39a07e59314:T=1701832866:RT=1701832866:S=ALNI_MZBRqzesL5GyaMTx_vHS8x0cov3Xw
.gfieldmoney.com/ Name: __gpi
Value: UID=00000ca5b7a05ae7:T=1701832866:RT=1701832866:S=ALNI_Mb-P9tN60UmtBJ6fVdwWDtcvXihHw
.doubleclick.net/ Name: IDE
Value: AHWqTUnTZc4zRR2_6C0cChF7C6AUskVEM9k8aRWesxMDXYWL0wvUeTXBd4fHAOfci7s
.id5-sync.com/ Name: id5
Value: 920c4232-25d9-7265-b0b8-09b3afb834ef#1701832866481#2
.adnxs.com/ Name: uuid2
Value: 4625678882631691475
.eyeota.net/ Name: mako_uid
Value: 18c3d24bd63-5529000001085eb7
.eyeota.net/ Name: SERVERID
Value: 24247~DM
.openx.net/ Name: i
Value: 6d85d1b6-29e1-0c14-2e48-a12a2d5fd6cc|1701832867
.openx.net/ Name: univ_id
Value: 537072971|437452d1-aafd-4446-a1b7-f65bb0385bb9|1701832867511803
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 96DECE01-6CC4-4980-845E-7FC80B277327
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync3
Value: 1703030400%3A201_245_226%7C1701907200%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1702425600%3A2_223%7C1702684800%3A63%7C1703030400%3A7_71_220_13_3_21_54
.ladsp.com/ Name: cr
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4625678882631691475&KRTB&23339-4625678882631691475
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-437452d1-aafd-4446-a1b7-f65bb0385bb9&KRTB&22918-437452d1-aafd-4446-a1b7-f65bb0385bb9&KRTB&22926-437452d1-aafd-4446-a1b7-f65bb0385bb9&KRTB&23031-437452d1-aafd-4446-a1b7-f65bb0385bb9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHXzLjOgiDL0d_MMMdtDuiQ&KRTB&23025-CAESEHXzLjOgiDL0d_MMMdtDuiQ&KRTB&23386-CAESEHXzLjOgiDL0d_MMMdtDuiQ
.pubmatic.com/ Name: SPugT
Value: 1701832867
.tapad.com/ Name: TapAd_TS
Value: 1701832867639
.tapad.com/ Name: TapAd_DID
Value: 0e6f2c76-0700-4bee-8fe0-4c3de0855ec2
.ladsp.com/ Name: smn_uid
Value: ZiYP2bPALDxHgcLZdIG2XBA7ezcixg0
.ladsp.com/ Name: lum
Value: CLH-kunDMRIFCAMQ0AU
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAxODMyODY3fQ
.turn.com/ Name: uid
Value: 4004401939369620632
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4004401939369620632&KRTB&23150-4004401939369620632&KRTB&23527-4004401939369620632
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004%22%7D
.simpli.fi/ Name: suid
Value: DF7D98AD37DE49BAACD4E305048507FA
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:DF7D98AD37DE49BAACD4E305048507FA&KRTB&23486-uid:DF7D98AD37DE49BAACD4E305048507FA&KRTB&23489-uid:DF7D98AD37DE49BAACD4E305048507FA&KRTB&23539-uid:DF7D98AD37DE49BAACD4E305048507FA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-80a750f4-6bea-4e56-99ae-0b3841f104dd-004%22%7D
.yieldmo.com/ Name: yieldmo_id
Value: 3zh8t6m223mx0YnAhFmy%7C1701820800000%7C0
.bidswitch.net/ Name: tuuid
Value: fdcda54b-47b1-4c2c-ae08-30e3ed8e2872
.bidswitch.net/ Name: c
Value: 1701832868
.bidswitch.net/ Name: tuuid_lu
Value: 1701832868
.semasio.net/ Name: SEUNCY
Value: 7114ECBD3000F8A6
.aralego.com/ Name: sspid
Value: 41e1c376-f691-3dd1-91c7-60bb7b0bbbc0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-fdcda54b-47b1-4c2c-ae08-30e3ed8e2872
.pubmatic.com/ Name: PugT
Value: 1701832868
.colossusssp.com/ Name: gtm_usr
Value: 9be3d123-b6c3-4a4f-a6f3-c5d1fe4aab47
.colossusssp.com/ Name: lmg_r
Value: 11
.sitescout.com/ Name: ssi
Value: 376e0b90-50d9-48c9-be18-c51a9eb4cb53#1701832869135
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTcwMTgzMjg2OTI5NywiNyI6MTcwMTgzMjg2OTI5N30
.resetdigital.co/ Name: ckbk
Value: 00000120B545EA51
.dotomi.com/ Name: DotomiTest
Value: 225699c9d43a1ee2
.360yield.com/ Name: tuuid
Value: c5f5b3ba-7434-4dee-9538-0ce1142f2087
.360yield.com/ Name: tuuid_lu
Value: 1701832869
.csync.loopme.me/ Name: viewer_token
Value: 4d7de81e-1aec-4868-b362-e804e2838037
.id5-sync.com/ Name: 3pi
Value: 2#1701832867053#-934146344#4625678882631691475|821#1701832870206#-74303382|822#1701832868633#-788969305|264#1701832866825#1927592953#437452d1-aafd-4446-a1b7-f65bb0385bb9|826#1701832869532#1025755716#376e0b90-50d9-48c9-be18-c51a9eb4cb53-656fe8a5-5347|123#1701832867261#1657409492|285#1701832867970#-756471014#LPT7CI83-28-CAV0
.33across.com/ Name: 33x_ps
Value: u%3D212368127857613%3As1%3D1701832870616%3Ats%3D1701832870616
.tynt.com/ Name: uid
Value: LOlMT2Vv6KcEKS0Nb2rLoQ==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1701832871536%7D%5D
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjE47C2jYW7PBAFEhQKBXRhcGFkEgsI-O3Xt42FuzwQBRIWCgdydWJpY29uEgsI8sa6342FuzwQBRgBIAIoAjILCITk2uSjhbs8EAU4AVoFdGFwYWRgAg..
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2E>?iNrzI!]tbP6j2F-.aDabByFnKcfG<GlyG2sAT*ZakDds(8`fI/wR#Xx*qF1`*b_0y(VyjD
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQVDdDSTgzLTI4LUNBVjAiLCJleHBpcmVzIjoiMjAyNC0wMy0wNVQwMzoyMToxMVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0wNlQwMzoyMToxMVoifQ==
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsieWFob29BZHMiOnsidWlkIjoieS11NDIwelJkRTJ1RjFLMlF1eWhVN3JKeE9jQWwzUHFzOH5BIiwiZXhwaXJlcyI6IjIwMjMtMTItMjBUMDM6MjE6MDkuODQyNTQ0NTY2WiJ9LCJ1bnJ1bHkiOnsidWlkIjoiUlgtODBhNzUwZjQtNmJlYS00ZTU2LTk5YWUtMGIzODQxZjEwNGRkLTAwNCIsImV4cGlyZXMiOiIyMDIzLTEyLTIwVDAzOjIxOjA4LjE3NjYyMDA1NFoifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiYzVmNWIzYmEtNzQzNC00ZGVlLTk1MzgtMGNlMTE0MmYyMDg3IiwiZXhwaXJlcyI6IjIwMjMtMTItMjBUMDM6MjE6MTAuMDE0ODcyOTkzWiJ9LCIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIzNjgxMjc4NTc2MTMiLCJleHBpcmVzIjoiMjAyMy0xMi0yMFQwMzoyMToxMS45MzYwNzA4NzlaIn0sImNvbG9zc3VzIjp7InVpZCI6IjliZTNkMTIzLWI2YzMtNGE0Zi1hNmYzLWM1ZDFmZTRhYWI0NyIsImV4cGlyZXMiOiIyMDIzLTEyLTIwVDAzOjIxOjA5LjA2MjY0ODQ3OVoifSwicHVibWF0aWMiOnsidWlkIjoiOTZERUNFMDEtNkNDNC00OTgwLTg0NUUtN0ZDODBCMjc3MzI3IiwiZXhwaXJlcyI6IjIwMjMtMTItMjBUMDM6MjE6MDcuNjQ1MjcyODA3WiJ9LCJydWJpY29uIjp7InVpZCI6IkxQVDdDSTgzLTI4LUNBVjAiLCJleHBpcmVzIjoiMjAyMy0xMi0yMFQwMzoyMTowNy40OTg2MzEyNzdaIn0sImNvbnZlcnNhbnQiOnsidWlkIjoiQUFBSy1NMHZ6V0x4b2dOYmpCN1lBQUFBQUFBIiwiZXhwaXJlcyI6IjIwMjMtMTItMjBUMDM6MjE6MDkuOTUzOTc4MzdaIn0sInJlc2V0ZGlnaXRhbCI6eyJ1aWQiOiIwMDAwMDEyMEI1NDVFQTUxIiwiZXhwaXJlcyI6IjIwMjMtMTItMjBUMDM6MjE6MDkuODIyNDUyODkzWiJ9LCJvcGVueCI6eyJ1aWQiOiI4N2Y3NjEyMC0zOWY5LTAwMGEtMWYxMi1hOWQ3YzgyMzI3YmMiLCJleHBpcmVzIjoiMjAyMy0xMi0yMFQwMzoyMTowNy40OTg5NTMzNVoifSwieWllbGRtbyI6eyJ1aWQiOiIzemg4dDZtMjIzbXgwWW5BaEZteSIsImV4cGlyZXMiOiIyMDIzLTEyLTIwVDAzOjIxOjA4LjIzMTAzODMxNloifX19
.openx.net/ Name: pd
Value: v2|1701832867.4|lYvOiajEiuhI.vysnwJuIjIvGlQkqlUvH
.blismedia.com/ Name: b
Value: 656FE8A71444ECB3F3997897BLIS
.w55c.net/ Name: wfivefivec
Value: bku868F41RaIth5
.sharethrough.com/ Name: stx_user_id
Value: 2a532a21-55da-44dc-9c94-0770c9a67451
.w55c.net/ Name: matchopenx
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2fg3:1929~2fg3:18vk~2fg3:19e0~2fg3"
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: b6a4280b-d86d-4f43-b6ef-3b07ae4119b9
.prebid.a-mo.net/ Name: sd_amuid2
Value: b6a4280b-d86d-4f43-b6ef-3b07ae4119b9
.connatix.com/ Name: cnx_userId
Value: db65a60692f64ed892facec11730a3d0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZW-oqAAE0D5fBgBd
.r-ad.ne.jp/ Name: r_ad_token
Value: 57h3LC00KBDAK007eOCw
.bidr.io/ Name: bito
Value: AAFC607K39EAABPcoP8UnA
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: li_sugr
Value: cd5f1ad5-fef9-45c2-b2dd-bbc6b7867e98
.linkedin.com/ Name: bcookie
Value: "v=2&551e4604-8273-4e3d-898b-5036cb342368"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2643:u=1:x=1:i=1701832872:t=1701919272:v=2:sig=AQHtfcV65Ed5hUC6L_0ett0qozWDIR5C"
.lijit.com/ Name: ljt_reader
Value: HxgpBQZH5J76Qu6QROKHTue0
.demdex.net/ Name: demdex
Value: 41354556178144488982024293871141119278
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_80
Value: LPT7CI83-28-CAV0
.dpm.demdex.net/ Name: dpm
Value: 41354556178144488982024293871141119278
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A0GP8zGQR0ODrBnmxUwZRGU
.rubiconproject.com/ Name: audit
Value: 1|oZUU/eY7d6m+yVjcFbMdMq98qYT+rI51WjcpGTvwvvpx1g1ygpCGvrNZCO71x9jx4At2KwYaiDNBK03vAHceECADBDl23oLEiprwfK+L4pY6H1zCwkOdeqnR25/Y7RpmHNrkjlJiv76pRkKTm0WCRg==
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8163-3!8163
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6a676baa-1014-5b4b-524e-f020a91530fa.SVn7SC4Dw1Fq5g4lZjP8OUm7ZQfg%2BYGE48X9xK2qhxY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6a676baa-1014-5b4b-524e-f020a91530fa.SVn7SC4Dw1Fq5g4lZjP8OUm7ZQfg%2BYGE48X9xK2qhxY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AamdrqhAUW0tSTvAgqRUw-tE6otA.bCUlHYIDP2m4Izb0bgVhXanMdKiwdc8pRVE5suLGys8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AamdrqhAUW0tSTvAgqRUw-tE6otA.bCUlHYIDP2m4Izb0bgVhXanMdKiwdc8pRVE5suLGys8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMxWDZB4UsqM24cK6xkTPuaLnxKDuCiKnRjMIDlYRo_HEHwYBCCo0b-rBjABOgSVjvJGQgTm0HaM.GgSbunM7iPEnJgCp96LX8P1Xtti1N1ddJMBbtNtP7Ds
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMxWDZB4UsqM24cK6xkTPuaLnxKDuCiKnRjMIDlYRo_HEHwYBCCo0b-rBjABOgSVjvJGQgTm0HaM.GgSbunM7iPEnJgCp96LX8P1Xtti1N1ddJMBbtNtP7Ds
.hb.yahoo.net/ Name: visitor-id
Value: 3448344728091219000V10
.hb.yahoo.net/ Name: data-mag
Value: LPT7CI83-28-CAV0~~63

14 Console Messages

Source Level URL
Text
network error URL: https://gfieldmoney.com/luminati.json
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://gfieldmoney.com/_fp.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.5.1.min.js?ver=6.3.1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gfieldmoney.com/_fp.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.5.1.min.js?ver=6.3.1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Message:
A preload for 'https://i.ytimg.com/vi/-UrblOSv38k/maxresdefault.jpg' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript error URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Message:
Access to image at 'https://i.ytimg.com/vi/-UrblOSv38k/maxresdefault.jpg' from origin 'https://gfieldmoney.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.ytimg.com/vi/-UrblOSv38k/maxresdefault.jpg
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ups.analytics.yahoo.com/ups/58404/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://gfieldmoney.com/travel-gear/matador/transit30-2-0&pixelId=58404
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=111' from origin 'https://gfieldmoney.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=111
Message:
Failed to load resource: net::ERR_FAILED
security warning (Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://gfieldmoney.com/travel-gear/matador/transit30-2-0
Message:
The resource https://i.ytimg.com/vi/-UrblOSv38k/maxresdefault.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://id5-sync.com/c/367/821/1/8.gif?puid=4d7de81e-1aec-4868-b362-e804e2838037&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFC607K39EAABPcoP8UnA&expires=30
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.adthrive.com
ads.pubmatic.com
ads.yieldmo.com
api.rlcdn.com
assets-jpcust.jwpsrv.com
bam.nr-data.net
bidder.criteo.com
bk.r-ad.ne.jp
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
capi.connatix.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jwplayer.com
cdn.packhacker.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
colossusssp.com
config.aps.amazon-adsystem.com
connect.facebook.net
content.jwplatform.com
cr-p3.ladsp.com
cs.nex8.net
d9.flashtalking.com
de.tynt.com
direct.adsrvr.org
dp1.33across.com
dpm.demdex.net
dps.jp.cinarra.com
entitlements.jwplayer.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.postrelease.com
f0ce2fb8d209ce1e41c989fc9eefb626.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
gfieldmoney.com
grid.bidswitch.net
gum.criteo.com
hb.undertone.com
hb.yahoo.net
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.w55c.net
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
jp-u.openx.net
js-agent.newrelic.com
js.memberful.com
krk2.kargo.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
logger.adthrive.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
p.typekit.net
pagead2.googlesyndication.com
pb-ing.ccgateway.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.sv.rkdms.com
px.ads.linkedin.com
rp.liadm.com
rp4.liadm.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssl.p.jwpcdn.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.mathtag.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
tinyurl.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
www.facebook.com
www.google.com
x.bidswitch.net
api.rlcdn.com
cdn.jwplayer.com
cs.nex8.net
i.ytimg.com
id5-sync.com
sync.mathtag.com
103.254.153.160
103.43.90.117
104.18.36.155
104.69.39.62
119.9.108.180
124.146.153.170
13.224.154.155
13.226.120.23
13.227.254.54
13.227.254.65
13.228.126.19
13.33.33.36
13.33.88.107
13.33.88.20
13.33.88.68
13.33.96.216
131.153.206.101
141.95.98.64
143.244.222.249
15.197.193.217
15.197.196.10
151.101.194.49
151.101.2.137
152.195.62.252
162.19.138.118
162.247.243.29
172.217.194.157
172.240.155.116
172.64.146.152
173.237.69.12
18.136.5.195
18.139.232.112
18.139.43.115
18.155.68.85
18.177.11.95
182.161.73.136
184.51.97.137
184.51.97.92
188.166.232.115
2001:df2:a300:bbbb::135
207.65.33.76
207.65.33.78
207.65.33.82
209.191.163.152
220.150.223.50
23.44.0.196
2403:e800:e80b::2a63:8c98
2403:e800:e80b::2a63:8cb9
2404:6800:4003:c00::5e
2404:6800:4003:c00::68
2404:6800:4003:c00::94
2404:6800:4003:c01::9b
2404:6800:4003:c02::77
2404:6800:4003:c03::5f
2404:6800:4003:c03::84
2404:6800:4003:c04::5f
2404:6800:4003:c04::84
2404:6800:4003:c06::9c
2406:2600:7:100::12
2406:2600:7:100::9
2406:da18:929:5a03:2695:bb01:84bf:8ae6
2600:1f18:730:b120:5272:c368:d5e5:d480
2600:9000:200a:2800:1:a3fa:7cc0:93a1
2600:9000:200a:b200:1:a3fa:7cc0:93a1
2600:9000:229f:c000:1b:6b7c:c940:93a1
2602:803:c006:158::65
2606:4700:10::6814:8b41
2606:4700:10::ac43:266a
2606:4700:4400::6812:2b5a
2606:4700::6810:447d
2620:1ec:21::14
2a02:fa8:c411:11::730
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
2a04:4e42:200::626
2a04:4e42:400::626
2a04:4e42:48::720
2a04:4e42:600::649
3.0.155.52
3.112.170.251
3.215.46.21
34.111.113.62
34.117.239.71
34.209.183.148
34.96.105.8
35.186.253.211
35.213.12.39
35.213.54.176
35.244.159.8
35.244.193.51
35.247.47.28
35.73.167.231
35.79.54.179
35.89.54.138
37.157.2.229
42.99.140.152
44.230.254.37
52.222.174.13
52.46.128.147
52.53.40.127
52.77.135.86
52.77.152.198
52.77.74.133
54.169.193.249
54.191.47.182
54.209.207.92
54.249.237.55
54.255.159.219
54.82.17.205
67.199.150.81
67.199.150.85
67.199.150.86
67.202.105.24
67.202.105.31
67.220.228.202
69.173.158.64
69.173.158.92
74.118.186.107
8.43.72.98
98.98.134.242
02d2d8c28fa50fe67e708e6300ff65169a1f25c204e6022455608da94bd4b282
02ff714dafb70ab644fd3fd1c49aecda9cd2ecf5f4d9e99740ff34be90901a3d
05289e87130442fbbaf648499845582981d1e63acc191679803ed407d1ae9257
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0580e9e816da1883ab597af4ed3ea8e25d5325f39a64bc8951c2aa03045ca229
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
085df9fc57e9242c6d5a230ecd67311dcd014c42906e5a2c2a1419d8cdc266e8
09800294edfb86dd8c2e55df303183f7907663282a42f84a4f621fa71190adb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d864c1e7978cc37ae4d7ece75871821510659f2f1a4d8ea5dabcb69ea66b2cc
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
1029480afeb454e41b9dda46310031459139a88002496050508f4edaf911da9e
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
11ccbc0a47ce6ce0995f423ed5d57f0d3674f15ab0b9df147ea39e6122d0b11c
131ea1ac0fa68e312d3dae5f45b743d4c544aae770fcbc91d3b887626d080e57
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
159c7c68f316adca7da499cc642915e8b007665d012d31ef109b47d77d12181a
176e3e9e46d4e9976af862e271cfcea2ec2db8661100c0c2be6318955bd93306
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b49fbe7186dca142ac34d0f4261ac34b78e676f7a479438d3fc80a70f87a8a3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1da0bff00c0da6debe8540a166f0a25cb904d05a0d20541fc187f4ec2e74fe34
1e6ff53e4e2e0416bc300be4c02e7c4c560b1d11118a23a19d880a7c5c70aa0e
1e9a7e37cc4b24fc950faf35c5a2964d4ca1c70baf5c90902e37c65bc113427f
1e9f00469400af5fe895c45dcb2702cd90f85cd4817c7eabd97689a76753833e
2005ce48e77f463a0bb7e662fe7d62685640add0ecffc2dd99dc3e89cf704de9
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
250553fd5318233a8fae063430ebde889cca2c4193d7b0e688b80578f9a98ba2
28fc1f59f2f76edbaa8a413242078783e7055aa2a1a894ddc0352124e46419ae
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2df4ce40d9a7ffbf31d8e8dacf191836f8ce7553e9819921fb087ac59ecbf516
2e1ffb8e59b678f4e1666b92fb500a9b3517edcd5dd8ccc19fad362c514d2558
2e6a78f506f274a2446d95daff9c9d5fcd149b8211bb84a0c99b8fb480d76c0d
2f4ca8e94fd219ef68dd057a0c262b68a52e525edac4d1f8799e761709d7f5b2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31b84e5bf53d334df59468eb95f0860ffc417b5c6c20eaa15e24027b8a2fd127
32a919ee73aad66bc1e66d70580d66ae49a41230bb00c685d50e1fea8dc972e1
363a342bafab5da8d1ee09ea89b73a83e2740a3af5bd8d3b46014b0f6a484f36
3648d3f9bc82c05cf48b1569af85b72bf60166646c5bf5c3b411232ee6e9bf08
36977efa22b73cb7b43f0a5c0ac9ee539d80af495f0d89b84c4d57ec2485c0ba
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38a219bf88a26b001555e6e09f53d7a457c9b99696cc8c86020358bb3786a75a
393e72c2e8fa9241b4df79b80a5a95c22b461c52d6bb5ad5c11f9f824766f64e
3bf3b38a977d2ffec49384e7d5ebd60bc638fd3624d7560492e69164776d06d0
3d6ad5d824553790eb481f692dc407d88b5a6ddafbb319d90293a7543b0ddb68
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4120c8272d3655febe8e8525eedd3c8bd01730efbb47121f9e840abd047ec9cc
412e9746fd880b602a748573673538253e68f29103764e3166ee211dea4d4920
4273aea034582a2e6cef054d47b03462f4bd4f4d50b7b03317a04e79eea9645e
43bf13402588a97fbb5d13ee4f05ac0c82280f00024f74fce7ac8724e38fba36
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463b944946c7cb362ad733e36f814dc75567d1f13612fa9c1b36c432ba399a10
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470e416b7026a5a21fde14111f63b45f166c6ab1b033392a42375a45a72d2efe
478f094a474dbbe83eecaa65c822b13519b20ba35375e3f71264b035919423c7
47c939e8ba93f036a2ce9c64641200090ed807b9d6341322c7925c31947e42b7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a65b54ac1a5135f0684958f16fd517109b2d20784872044727a7e56fc1d8cf
4a0e963ee7ef39e9219f0c4d66ba7687e8cd11bde4259862e74a3facf2f4a8b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b82e5c4363493733c9b4923a0de07058c40ce15e093727e4db91f106f31d754
4d615cf83189a5e66e6a8bfd9f260c1bb5120ec053b9f937d2f5cd7ef37f77c6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1c389e38c3965b7b3d567fae553fac8f7438b2d878b8160d1e9f245b9ed309
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50279807da7663e6143156926fd8ca89d7e6dfdc98320ae5a2751dcdb910e7dc
51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c
531197442133e35509840be3ccf5a772fcc0a2f974ab1b4fb9c6fcaf213196b0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5632d6922f4a7d1bc81da245da6f013de7096d012675ae4927e96ceea1b8164a
5771578403b08f8adb4964399c2e3bd6414129780d936c4b11dc182cec653fac
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
59bacd21e86203ceaa31aab06b3d31b012e39025da70160ec59760358a4e2122
59c70a11861a4fe80bf815bf63c5954b9000dde7ef42c78416c4451cdd4bf729
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60d51b076550b4ccabccb895caa53d05b3fc837b80577bd022aee573efb2ace5
619f4d380f6eb1f2b22dff76a7fe21cd37201e09d569102db38228b35c76b627
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df
63e0cbcf779f6e821048704e0e4114eb9acc4508b5dfba4a5d9a8ff3123b2609
640715bfe1cf1889d4596bd23bd71223cced6f44d898a083667af7ad57f77fd7
65509c79d0f33cbe29beddad49e831982dc5678905fc352e92244b1ff3674652
664363d957b1c2ca0b27b7be854b406cd3638e85330f1cc4b3016c4984c937e1
67374445830fbb1e824a654c7e4c10b29aff6daa205eb538c8e8753d7ff8b318
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
676c40b6075652f846a7b4f57a32bf259f739ed5f8e176b9767fdad05240c099
678b7e15eb9de6ebcde7944fb03591d26312dc2e27fba935ce771c7b2b265a22
68e7f4df4ef8dbdfd3600e9c0d0386b627a0ccba7687aadc097d4603368a96ae
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b8419f63bb4186ae86a73a201c75de3a4bbbcc1c2b7910443b02261a4b29174
6cbf315237c59e8a642c01a67cf4848835ffbd8c71ace7dc6df5d7994761f84e
704eb7a77983841233527735535708aa94bb2173ab466e276b7cb54630a68762
71f5227b097775d2642b83c811110311ce817ae436c3f01577c9a2d346ef5abc
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7595357c645b297a5840a6e5b5576cf6199da6f58ec9d8daa311598300fb7c15
7660393a61cfc061df4080ba777c65d51fde7fb5a58f8c537b36a1cfc49ba6b7
768c2df99a7a6ebc17442235a396dc34f4eb24fcf743c7366595d7281f7dad11
7749d51538cf227c122ba4e71a9884089a78f096abcd633cc76e63575a6b3f26
77de9a9d39b58cc63bb6ceb9386e8031816b18a33ef947c03d19039b166d690d
79317f11dcdac37b3a021fd1e7a44aba3d372832c7aa1f6675178ac1d5e6cd48
7a80e490fa3c87dd1803a9e5e7c07cb5b306ad0cf8f7315ba5c1d0ece041fa06
7c45c8d7d2e9d3669de7a6c0fd986213fe7286afbf144c717cb0445faa515ae4
7ea0c1ebfb58d8eaffdbff26055fc64c4177a4a1f97dd6004ef7947bea239022
81069b8419f2bb6bd37ff87adb1b6048413b6af7c7cd4db5fbcac429d1da7147
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83c40ccb11a783f4dc1df01cb8227b7de89dd18763277a4607f378cbdb8141b8
85119760d1f8a95542f5707fd9bd9cc61163493a2c05a0a97ba8d90992f663b1
86f5532a457854b01c679d9381383dbee8a00b25174d46ab295f6c64f407177d
88bdba7f36eba9605d091d1e45a4b69ff69c1b7fbd19e59ce42855c237fcea5d
88d82bd41ab6773bfd2f4a32472a0b8a8b854ddb6367ba8a96cde336673baabe
8da91e2996489ec8881adad79a4752f6ed1e0dd7b5f3d4b92e4fd6f1f4622b49
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8dea0241508d4d6d02f462e78f3bd2691df01b0c83181ba1de16481ccadeeba0
8e4147148517b1b092a5bf8fb1fb4e78b568bdc40a127ec16732de62ddbb472a
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7b8e684af6f31fee678372d462d19545650c6700e6f16876f2b606d45c0a13
8ee7830c5b6fcf588dd338e19cc0f305f8f2fd07d6189f09aa70748023d1ca08
90d463422e0471054884ff260806a04980a9bef2be414b0ecc3b0632e985fe8f
91d11e0157cbaeaa5fa9a12dc2bf19b1a979cf25200a72587c646787e9997c64
94256c5e6cae82ac1afd01e30f2c3efbf5732106d70fc6f59e5d8e607be4083e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9b09a554597f0aaaddcf6085a3c1038d4efe58178262797bba0ccf4f1cc73c69
9b2a59b11c090b44ea663de249fd50c1468be68260a23b65f8f8e337c0c13815
9b421b9b77fb6b30849932d7538f2f051debd7d5c8c36dd9521f8e65a32df895
9bb72a7f8ed597c1e20b7242370d747af17827b6ee092d4e8e478c8f7f32d204
9cc9ca8396a702a991a820c2b1afa7a8149468aff25984f5e6cdd066854be58e
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e4e5bc4fd94e7a563fb8e5e985e9d756db4fcd1dbd5ca50bc79b26daaf1a9fd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a6965a81caab08d9527ee2ec7eb81d60e709e308517f5873e2d30ed8b5fa1357
a71d8723f7a445651f4f6aabd2ad625535b0b419a9be09ab777f9957d86f0ad4
a735aaf3e44579c6bc8296bcfcd4ea07d8c90d1d6c470c6f402920581c518b0a
a867e9fbe001835aadb596a02d8f2e87ac56bf845856a012be22e86d1f511b5a
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
a91eb43e6064dc315c54f3219a0682534db0c8ec61d95eb4766e47940bac6a8e
a984459c9d158c78d042f7c9d63ee0b8dba30e713bf4826abc92e5c1032fb308
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aec0ce914b57456c5566dc76ae9378f0f27f4b65dbad438e32ec2b26775d0f31
b0ec22a65a7cd9b1000a3b65237394669b9af089c3e8b2b3c0f9250b037d5ef6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b1edc627a8fa70c40e757823ca7305c37a02abefbac590bbcc343fd64ce0f6b4
b2253002327c27269ac628a7e5c0a660c7c9ec037c4efeaac4697d2408d9b3ac
b3132773c991b323a1a5dc491df586cefe6a8ef7021edbe2afc4c16303e0ad74
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b89d1edf5ba44740b482bc38e87f09fee095492b84b2e090b6b9a241b64780e1
b8f631c12cc96a5f789385579237b16e70a27b6690f7c18acdd3198dec828591
bc64894efbd3ac1933c5b3d8b99f68e7bb2bca8dbcf74ad7c7e309fdc41a5c68
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
c5bcea981f597929ce16f9c575b03c6ea0ec002ffd39c7dee4898c4d1c42e1a4
c6a2aa23f6603c40864471994c70ea3cd3ef19cbb5cae88b0279507b692e4989
ca20429ea15c6e2ddd64e6ca8d30ad91bfa8adc5904e80b812d08b6acc0a4336
cbdc55635532ef65c56705045464dcf11c2cc28d86b980baf77e1d5481628bf6
cd812cde3d6955684b4dc5132fbe09177716162f2f958b554a3c4ecac2c77676
ce1a179fbee6c392df0b03b01f246faee929c6e97787b186917e4fb0c602620f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3854f9aef9bb56a35fc2862f04a164db1fd159f7c8187d9263018e204527408
d44e29a00235ccf2eb4a2a2d4ad81372c67949d848c8607dbf1405440411b2f0
d4ca51f5a3fc9a56f254dab3e04bc654f2ee8d27d44e68f018bdd39448991264
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55
da522d11df985cb6337ae1daaf0b2faa3a42f331480b2317c81ecac7fc6bd190
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
dd65b61e02a09a9fa4ce5868092aa3057c1efea8e0cd2b8dd15b6620e2d6e39b
e0c6a562837328cd841d7cd3697b2d5b2262b4b2c10288732b4b6f1ea9758d9a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1e2beb7236f0b3a60cf12a87daf466ddf2d9b6fe9e091aa6d801b09b2567e8a
e33999413d635cd73264a68baab5f91bf77d6bc81f36e3787f7ba69572e35d26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5597301ef30fe404e854d0d2ac0e56bf7f285402219e9a6425c9cff47a313c8
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e7e3fed4ae2d9434bd9cdae2cf3f0f7394995d0a9ca84e236986c0e770ac467c
e80da6d6b9bd1163e3e50cd87e3f06efa34e3c015c68f391aba7d671837a1c30
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
ec245260727869feb65ca13feb5ff20adb523a30adee032bd1d601f7d47589ae
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f13cdbf91c29d4b2370068222179233633d7922313fbe315ff2ed2b0c1fc1e0e
f2172615981c43e01c798717d98555e63347212812d1f9ae3394e8b3dedbceb5
f2da8f3a69f111cf43dc0aa98f030f1c7dc9933ea736a88ca232fdf5d7333121
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f492e9d27d6de9211c255bb98e7a67e76bbce5556993058e81deb913e7517f4e
f5bb3a834e81198409e09d47991a1d4b1abcba10752347bc8d70a1f07ae00b24
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8038868c565e292ee335212394e5ebd72b46936eb995f73cad4d165228edce2
f859d204dbc258b8ca1d025a137b200cc214324b047c5e3caa2451211d016b2f
fa0af46a444925a72ec683af6696e118df01b05b4ea443f85db250ee87e89ab8
fd5b60ffc3ca0727647beaa306e807665623255c6aefc7ec3ce78bde5af14621