urlscan.io logo urlscan.io
SecurityTrails logo

www.betootaadvocate.com Open in urlscan Pro
172.67.21.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.betootaadvocate.com/
Effective URL: https://www.betootaadvocate.com/
Submission: On October 16 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 12 countries across 136 domains to perform 568 HTTP transactions. The main IP is 172.67.21.25, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.betootaadvocate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.
This is the only time www.betootaadvocate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 74 172.67.21.25 13335 (CLOUDFLAR...)
12 13.224.181.60 16509 (AMAZON-02)
2 172.217.167.72 15169 (GOOGLE)
3 103.180.114.1 200325 (BUNNYCDN)
3 13.35.147.83 16509 (AMAZON-02)
1 104.18.41.104 13335 (CLOUDFLAR...)
19 104.20.106.62 13335 (CLOUDFLAR...)
1 185.146.173.20 13335 (CLOUDFLAR...)
2 34.120.57.242 396982 (GOOGLE-CL...)
2 172.217.24.42 15169 (GOOGLE)
3 54.187.119.242 16509 (AMAZON-02)
3 13.35.147.111 16509 (AMAZON-02)
2 13.224.181.51 16509 (AMAZON-02)
2 5 99.84.203.101 16509 (AMAZON-02)
4 142.250.67.14 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
6 142.251.221.74 15169 (GOOGLE)
1 52.204.242.176 14618 (AMAZON-AES)
2 4 103.229.10.171 16509 (AMAZON-02)
5 13.35.147.51 16509 (AMAZON-02)
6 172.67.25.151 13335 (CLOUDFLAR...)
15 36 172.217.24.34 15169 (GOOGLE)
1 44.240.147.169 16509 (AMAZON-02)
5 34.120.111.33 396982 (GOOGLE-CL...)
2 104.26.9.169 13335 (CLOUDFLAR...)
2 69.173.158.65 26667 (RUBICONPR...)
1 23.219.61.36 16625 (AKAMAI-AS)
1 13.251.207.23 16509 (AMAZON-02)
2 4 35.227.252.103 15169 (GOOGLE)
17 21 103.43.90.53 29990 (ASN-APPNEX)
13 131.153.206.103 59210 (PHOENIXNA...)
3 4 104.18.27.193 13335 (CLOUDFLAR...)
1 4 54.178.112.79 16509 (AMAZON-02)
3 13.113.16.177 16509 (AMAZON-02)
21 34.149.50.64 396982 (GOOGLE-CL...)
10 172.217.24.35 15169 (GOOGLE)
1 142.251.175.155 15169 (GOOGLE)
1 104.18.23.145 13335 (CLOUDFLAR...)
1 13.33.92.130 16509 (AMAZON-02)
1 151.101.65.229 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 182.161.73.129 55569 (CRITEO-AS...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 4 18.139.186.142 16509 (AMAZON-02)
1 13.224.181.82 16509 (AMAZON-02)
4 23.227.38.74 13335 (CLOUDFLAR...)
3 16 35.244.159.8 15169 (GOOGLE)
13 13 52.223.40.198 16509 (AMAZON-02)
2 2 211.120.53.206 4694 (IDCF IDC ...)
2 2 13.224.181.56 16509 (AMAZON-02)
8 23.227.60.200 13335 (CLOUDFLAR...)
2 3.220.57.224 14618 (AMAZON-AES)
1 54.144.115.246 14618 (AMAZON-AES)
1 142.250.66.161 15169 (GOOGLE)
10 172.217.24.33 15169 (GOOGLE)
9 142.250.66.193 15169 (GOOGLE)
1 4 142.250.71.68 15169 (GOOGLE)
4 182.161.73.136 55569 (CRITEO-AS...)
1 172.67.23.234 13335 (CLOUDFLAR...)
3 162.19.138.118 16276 (OVH)
1 104.74.52.98 16625 (AKAMAI-AS)
14 23.219.61.234 16625 (AKAMAI-AS)
3 10 52.223.2.229 16509 (AMAZON-02)
1 104.16.112.121 13335 (CLOUDFLAR...)
1 104.18.25.18 13335 (CLOUDFLAR...)
27 68 69.173.158.64 26667 (RUBICONPR...)
6 6 104.68.31.231 16625 (AKAMAI-AS)
3 23.32.5.111 20940 (AKAMAI-ASN1)
4 104.74.54.193 16625 (AKAMAI-AS)
3 8 162.55.233.28 24940 (HETZNER-AS)
8 8 67.202.105.21 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
21 52.25.216.204 16509 (AMAZON-02)
5 21 51.79.152.76 16276 (OVH)
1 2 52.76.54.83 16509 (AMAZON-02)
2 2 74.214.196.131 19189 (PULSEPOINT)
3 3 23.106.127.53 59253 (LEASEWEB-...)
7 8 64.202.112.255 22075 (AS-OUTBRAIN)
10 19 35.213.12.39 15169 (GOOGLE)
2 2 18.142.217.112 16509 (AMAZON-02)
7 9 13.228.126.19 16509 (AMAZON-02)
3 37.157.3.26 198622 (ADFORM)
3 5 209.191.163.152 32475 (SINGLEHOP...)
1 1 47.252.78.131 45102 (ALIBABA-C...)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
2 2 82.145.213.8 39832 (NO-OPERA)
2 43.206.55.56 16509 (AMAZON-02)
4 6 54.179.129.164 16509 (AMAZON-02)
1 220.150.223.50 4686 (BEKKOAME ...)
3 3 50.116.239.135 ()
1 207.65.33.83 62713 (AS-PUBMATIC)
2 104.19.158.19 13335 (CLOUDFLAR...)
7 52.38.203.118 16509 (AMAZON-02)
6 6 185.84.60.20 198622 (ADFORM)
4 4 54.204.93.234 14618 (AMAZON-AES)
2 2 54.157.228.38 14618 (AMAZON-AES)
4 5 151.101.130.49 54113 (FASTLY)
2 13.107.42.14 8068 (MICROSOFT...)
1 13.107.21.200 8068 (MICROSOFT...)
3 3 182.161.73.146 55569 (CRITEO-AS...)
1 23.48.97.24 20940 (AKAMAI-ASN1)
1 13.35.147.22 16509 (AMAZON-02)
1 1 104.22.69.131 13335 (CLOUDFLAR...)
3 5 52.195.78.103 16509 (AMAZON-02)
2 3 35.214.206.1 15169 (GOOGLE)
8 9 207.65.33.79 62713 (AS-PUBMATIC)
1 1 45.137.176.88 60350 (VP)
1 1 52.39.217.56 16509 (AMAZON-02)
2 2 203.195.121.142 7979 (SERVERS-COM)
1 1 23.108.103.8 59253 (LEASEWEB-...)
2 2 64.38.119.44 18568 (BIDTELLECT)
1 2 35.190.60.146 15169 (GOOGLE)
1 2 23.106.127.164 59253 (LEASEWEB-...)
1 1 131.153.159.157 59210 (PHOENIXNA...)
2 3 23.106.127.52 59253 (LEASEWEB-...)
1 3 67.199.150.85 3257 (GTT-BACKB...)
1 67.199.150.77 62713 (AS-PUBMATIC)
1 69.173.158.92 26667 (RUBICONPR...)
1 162.19.138.82 16276 (OVH)
3 4 69.173.144.165 ()
2 5 23.106.127.39 59253 (LEASEWEB-...)
1 2 52.95.126.138 ()
2 2 85.114.159.93 ()
2 2 103.229.206.240 ()
2 2 104.99.59.16 20940 (AKAMAI-ASN1)
1 5 209.54.182.161 ()
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 23.206.242.194 ()
1 13.227.254.114 ()
2 12 67.199.150.86 62713 (AS-PUBMATIC)
3 3 35.75.124.203 ()
5 207.65.33.82 ()
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 139.162.23.100 63949 (AKAMAI-LI...)
1 2 35.186.193.173 15169 (GOOGLE)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
4 4 13.250.207.233 ()
1 195.5.165.20 ()
3 169.197.150.8 398989 (DEEPINTENT)
2 4 119.9.108.211 ()
2 3 34.142.175.23 396982 (GOOGLE-CL...)
4 4 89.207.22.73 ()
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 38.133.127.159 ()
5 34.117.239.71 396982 (GOOGLE-CL...)
1 34.107.140.113 ()
2 4 34.96.105.8 396982 (GOOGLE-CL...)
1 18.143.217.97 ()
1 13.35.147.97 ()
2 2 98.98.134.243 ()
1 1 38.99.107.14 ()
1 1 134.122.57.34 ()
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 1 198.8.71.131 ()
2 2 18.136.50.83 16509 (AMAZON-02)
4 5 18.136.94.236 ()
1 2 13.35.147.78 ()
1 52.207.39.196 ()
2 13.35.147.89 16509 (AMAZON-02)
1 1 23.204.64.209 16625 (AKAMAI-AS)
2 184.24.254.89 ()
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2 3.104.241.36 ()
1 1 69.173.151.100 ()
1 1 18.177.11.95 ()
1 13.228.194.70 ()
568 126
74    172.67.21.25 (United States)

ASN13335 (CLOUDFLARENET, US)
www.betootaadvocate.com
betootaadvocate.com
12    13.224.181.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-60.syd1.r.cloudfront.net
a.mailmunch.co
2    172.217.167.72 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f8.1e100.net
www.googletagmanager.com
3    103.180.114.1 (Australia)

ASN200325 (BUNNYCDN, SI)
widgets.snack-projects.co.uk
cdn-header-bidding.snack-media.com
3    13.35.147.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-83.syd1.r.cloudfront.net
js.stripe.com
1    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
19    104.20.106.62 (None, )

ASN13335 (CLOUDFLARENET, US)
omny.fm
1    185.146.173.20 (Sweden)

ASN13335 (CLOUDFLARENET, US)
sdks.shopifycdn.com
2    34.120.57.242 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.57.120.34.bc.googleusercontent.com
monorail-edge.shopifysvc.com
2    172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f42.1e100.net
ajax.googleapis.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
3    13.35.147.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-111.syd1.r.cloudfront.net
m.stripe.network
tags.crwdcntrl.net
2    13.224.181.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-51.syd1.r.cloudfront.net
cmp.quantcast.com
5    99.84.203.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-203-101.lax3.r.cloudfront.net
www.omnycontent.com
4    142.250.67.14 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f14.1e100.net
www.google-analytics.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o479328.ingest.sentry.io
6    142.251.221.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
fonts.googleapis.com
1    52.204.242.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-242-176.compute-1.amazonaws.com
forms.mailmunch.co
4    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
5    13.35.147.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-51.syd1.r.cloudfront.net
tagan.adlightning.com
6    172.67.25.151 (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
cdn.pbstck.com
refresh.pbstck.com
intake.pbstck.com
36    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
googleads.g.doubleclick.net
1    44.240.147.169 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-147-169.us-west-2.compute.amazonaws.com
m.stripe.com
5    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
api.edkt.io
2    104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    23.219.61.36 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-61-36.deploy.static.akamaitechnologies.com
a.teads.tv
1    13.251.207.23 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-207-23.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
21    103.43.90.53 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
13    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
4    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
4    54.178.112.79 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-112-79.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
3    13.113.16.177 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-16-177.ap-northeast-1.compute.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
21    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
10    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net
fonts.gstatic.com
1    142.251.175.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f155.1e100.net
stats.g.doubleclick.net
1    104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    13.33.92.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-92-130.sin2.r.cloudfront.net
cdn.prod.uidapi.com
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    18.139.186.142 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-186-142.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
1    13.224.181.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-82.syd1.r.cloudfront.net
rules.quantcount.com
4    23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com
betoota-advocate-shed.myshopify.com
16    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
snackmedia-d.openx.net
u.openx.net
eu-u.openx.net
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.224.181.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-56.syd1.r.cloudfront.net
cr-p3.ladsp.com
8    23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com
cdn.shopify.com
2    3.220.57.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com
analytics.mailmunch.co
1    54.144.115.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-115-246.compute-1.amazonaws.com
1x1.a-mo.net
1    142.250.66.161 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s22-in-f1.1e100.net
67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com
10    172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f33.1e100.net
cdn.ampproject.org
9    142.250.66.193 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f1.1e100.net
tpc.googlesyndication.com
4    142.250.71.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f4.1e100.net
www.google.com
4    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
3    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    104.74.52.98 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-52-98.deploy.static.akamaitechnologies.com
acdn.adnxs.com
14    23.219.61.234 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-61-234.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    104.16.112.121 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
1    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
68    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
6    104.68.31.231 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-31-231.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
3    23.32.5.111 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-111.deploy.static.akamaitechnologies.com
csync.smartadserver.com
4    104.74.54.193 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-54-193.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de
sync.richaudience.com
8    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
21    52.25.216.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-216-204.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
visitor-us-west-2.omnitagjs.com
21    51.79.152.76 (Singapore)

ASN16276 (OVH, FR)
PTR: ip76.ip-51-79-152.net
onetag-sys.com
2    52.76.54.83 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-54-83.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    23.106.127.53 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.smartadserver.com
8    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
19    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    18.142.217.112 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-217-112.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
9    13.228.126.19 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
5    209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    43.206.55.56 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-55-56.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
6    54.179.129.164 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-129-164.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
3    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    104.19.158.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
7    52.38.203.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-203-118.us-west-2.compute.amazonaws.com
usersync.gumgum.com
6    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    54.204.93.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-93-234.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.157.228.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-228-38.compute-1.amazonaws.com
sync.ipredictive.com
5    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    23.48.97.24 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-97-24.deploy.static.akamaitechnologies.com
ced-ns.sascdn.com
1    13.35.147.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-22.syd1.r.cloudfront.net
api-2-0.spot.im
1    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
5    52.195.78.103 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-78-103.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
3    35.214.206.1 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 1.206.214.35.bc.googleusercontent.com
csync.loopme.me
9    207.65.33.79 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    52.39.217.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-217-56.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
2    203.195.121.142 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    23.108.103.8 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
2    64.38.119.44 (United States)

ASN18568 (BIDTELLECT, US)
bttrack.com
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
2    23.106.127.164 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
1    131.153.159.157 (Singapore)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
id.a-mx.net
3    23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
3    67.199.150.85 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
1    67.199.150.77 (Singapore)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    69.173.158.92 (Singapore)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    69.173.144.165 (None, )

ASN- ()
pixel-eu.rubiconproject.com
5    23.106.127.39 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
2    52.95.126.138 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    103.229.206.240 (None, )

ASN- ()
sync.mathtag.com
2    104.99.59.16 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-16.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    23.206.242.194 (None, )

ASN- ()
hb.yahoo.net
1    13.227.254.114 (None, )

ASN- ()
live.primis.tech
12    67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    35.75.124.203 (None, )

ASN- ()
pool.admedo.com
5    207.65.33.82 (None, )

ASN- ()
image2.pubmatic.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    139.162.23.100 (Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li865-100.members.linode.com
gocm.c.appier.net
rcp.c.appier.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    13.250.207.233 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
apsoutheast-match.deepintent.com
4    119.9.108.211 (None, )

ASN- ()
uipglob.semasio.net
3    34.142.175.23 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com
um.simpli.fi
4    89.207.22.73 (None, )

ASN- ()
pubmatic-match.dotomi.com
openx2-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    38.133.127.159 (None, )

ASN- ()
sync.outbrain.com
5    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
1    34.107.140.113 (None, )

ASN- ()
s2s.t13.io
4    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.143.217.97 (None, )

ASN- ()
ads.yieldmo.com
1    13.35.147.97 (None, )

ASN- ()
usr.undertone.com
2    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
1    38.99.107.14 (None, )

ASN- ()
rbp.mxptint.net
1    134.122.57.34 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
2    18.136.50.83 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-50-83.ap-southeast-1.compute.amazonaws.com
i.w55c.net
5    18.136.94.236 (None, )

ASN- ()
pm.w55c.net
2    13.35.147.78 (None, )

ASN- ()
sync.intentiq.com
sync1.intentiq.com
1    52.207.39.196 (None, )

ASN- ()
rtb.adentifi.com
2    13.35.147.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-89.syd1.r.cloudfront.net
cti.w55c.net
1    23.204.64.209 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-209.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    184.24.254.89 (None, )

ASN- ()
stags.bluekai.com
tags.bluekai.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
rubiconcm.digitaleast.mobi
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    3.104.241.36 (None, )

ASN- ()
dpm.demdex.net
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    18.177.11.95 (None, )

ASN- ()
bk.r-ad.ne.jp
1    13.228.194.70 (None, )

ASN- ()
tags.w55c.net
Apex Domain
Subdomains		 Transfer
96 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 984
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
133 KB
74 betootaadvocate.com
www.betootaadvocate.com
betootaadvocate.com
2 MB
35 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
image8.pubmatic.com — Cisco Umbrella Rank: 748
image4.pubmatic.com — Cisco Umbrella Rank: 1249
ow.pubmatic.com — Cisco Umbrella Rank: 2104
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com
simage4.pubmatic.com
47 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
193 KB
22 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 4707
cs.seedtag.com — Cisco Umbrella Rank: 11669
17 KB
22 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
33 KB
22 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
oajs.openx.net — Cisco Umbrella Rank: 1906
google-bidout-d.openx.net — Cisco Umbrella Rank: 1919
us-u.openx.net — Cisco Umbrella Rank: 547
jp-u.openx.net — Cisco Umbrella Rank: 12438
snackmedia-d.openx.net — Cisco Umbrella Rank: 100624
u.openx.net — Cisco Umbrella Rank: 739
eu-u.openx.net
4 KB
21 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
9 KB
21 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 773
visitor-us-west-2.omnitagjs.com — Cisco Umbrella Rank: 5290
9 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
7 KB
19 omny.fm
omny.fm — Cisco Umbrella Rank: 18702
422 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
79 KB
16 smartadserver.com
csync.smartadserver.com — Cisco Umbrella Rank: 3632
sync.smartadserver.com — Cisco Umbrella Rank: 1400
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1818
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
27 KB
16 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
1x1.a-mo.net — Cisco Umbrella Rank: 3213
assets.a-mo.net — Cisco Umbrella Rank: 2099
c3.a-mo.net Failed
14 KB
15 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
6 KB
15 mailmunch.co
a.mailmunch.co — Cisco Umbrella Rank: 22139
forms.mailmunch.co — Cisco Umbrella Rank: 22974
analytics.mailmunch.co — Cisco Umbrella Rank: 48222
356 KB
14 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1319
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
events-ssc.33across.com — Cisco Umbrella Rank: 2272
10 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
5 KB
11 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1583
rtb.gumgum.com — Cisco Umbrella Rank: 1656
usersync.gumgum.com — Cisco Umbrella Rank: 2253
4 KB
11 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
5 KB
10 w55c.net
i.w55c.net — Cisco Umbrella Rank: 2341
pm.w55c.net
cti.w55c.net — Cisco Umbrella Rank: 3403
tags.w55c.net
21 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
207 KB
10 gstatic.com
fonts.gstatic.com
352 KB
9 adform.net
cm.adform.net — Cisco Umbrella Rank: 1279
c1.adform.net — Cisco Umbrella Rank: 643
track.adform.net — Cisco Umbrella Rank: 4131
4 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
4 KB
8 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2114
3 KB
8 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2460
274 KB
8 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 49
45 KB
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
4 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
dis.criteo.com — Cisco Umbrella Rank: 648
8 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1487
q.stripe.com — Cisco Umbrella Rank: 8805
m.stripe.com — Cisco Umbrella Rank: 1382
139 KB
6 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8069
cdn.pbstck.com — Cisco Umbrella Rank: 8976
refresh.pbstck.com — Cisco Umbrella Rank: 32859
intake.pbstck.com — Cisco Umbrella Rank: 8654
113 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
1 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
1 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
ce.lijit.com
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
id.crwdcntrl.net — Cisco Umbrella Rank: 2704
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
14 KB
5 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 23348
api.edkt.io — Cisco Umbrella Rank: 22274
9 KB
5 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2410
113 KB
5 omnycontent.com
www.omnycontent.com — Cisco Umbrella Rank: 29029
36 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
526 B
4 dotomi.com
pubmatic-match.dotomi.com
match.sync.ad.cpe.dotomi.com Failed
openx2-match.dotomi.com
1 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 adgrx.com
cm.adgrx.com
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
3 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 646
1 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 myshopify.com
betoota-advocate-shed.myshopify.com
7 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
ssum.casalemedia.com — Cisco Umbrella Rank: 1490
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
cms.quantserve.com — Cisco Umbrella Rank: 929
10 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
2 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1171
apsoutheast-match.deepintent.com
76 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com
1 KB
3 admedo.com
pool.admedo.com
1 KB
3 mathtag.com
sync.mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 2109
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
635 B
3 turn.com
ad.turn.com
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 470
3 KB
3 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 8226
match.justpremium.com — Cisco Umbrella Rank: 4573
6 KB
2 demdex.net
dpm.demdex.net
2 KB
2 bluekai.com
stags.bluekai.com
tags.bluekai.com
869 B
2 intentiq.com
sync.intentiq.com
sync1.intentiq.com
2 KB
2 sitescout.com
pixel-sync.sitescout.com
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6415
673 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2653
rcp.c.appier.net — Cisco Umbrella Rank: 3560
845 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
1 KB
2 adition.com
dsp.adfarm1.adition.com
965 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1013
671 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
990 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1089
965 B
2 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 17112
75 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2092
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 761
671 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
525 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1788
hde.tynt.com — Cisco Umbrella Rank: 4359
4 KB
2 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 914
753 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 21057
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1247
2 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
26 KB
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3294
47 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1603
16 KB
2 shopifysvc.com
monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 3361
537 B
2 snack-media.com
cdn-header-bidding.snack-media.com — Cisco Umbrella Rank: 63445
171 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
146 KB
1 r-ad.ne.jp
bk.r-ad.ne.jp
549 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1703
409 B
1 digitaleast.mobi
rubiconcm.digitaleast.mobi — Cisco Umbrella Rank: 3628
241 B
1 adentifi.com
rtb.adentifi.com
35 B
1 rfihub.com
p.rfihub.com
762 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1907
350 B
1 bidtheatre.com
match.adsby.bidtheatre.com
516 B
1 mxptint.net
rbp.mxptint.net
694 B
1 undertone.com
usr.undertone.com
295 B
1 yieldmo.com
ads.yieldmo.com
600 B
1 t13.io
s2s.t13.io
459 B
1 outbrain.com
sync.outbrain.com
287 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4613
467 B
1 iprom.net
core.iprom.net
276 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 22275
652 B
1 primis.tech
live.primis.tech
284 B
1 yahoo.net
hb.yahoo.net
647 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
283 B
1 a-mx.net
id.a-mx.net
539 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2870
581 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1252
595 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1709
774 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
667 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2824
457 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3299
3 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 257
689 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 11392
243 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 4861
285 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
2 KB
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
306 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2118
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
901 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931
3 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
437 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
386 B
1 sentry.io
o479328.ingest.sentry.io — Cisco Umbrella Rank: 34473
333 B
1 shopifycdn.com
sdks.shopifycdn.com — Cisco Umbrella Rank: 40810
60 KB
1 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3637
3 KB
1 snack-projects.co.uk
widgets.snack-projects.co.uk — Cisco Umbrella Rank: 98170
2 KB
0 rundsp.com Failed
match.rundsp.com Failed
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 liadm.com Failed
i.liadm.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 nex8.net Failed
cs.nex8.net Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
568 136
Domain Requested by
73 www.betootaadvocate.com 1 redirects www.betootaadvocate.com
51 pixel.rubiconproject.com 19 redirects onetag-sys.com
cs.seedtag.com
visitor.omnitagjs.com
eus.rubiconproject.com
22 cm.g.doubleclick.net 15 redirects google-bidout-d.openx.net
rtb.gumgum.com
eb2.3lift.com
onetag-sys.com
21 onetag-sys.com 5 redirects cs.seedtag.com
visitor.omnitagjs.com
onetag-sys.com
21 s.seedtag.com cdn-header-bidding.snack-media.com
cs.seedtag.com
onetag-sys.com
ads.pubmatic.com
hde.tynt.com
19 x.bidswitch.net 10 redirects cs.seedtag.com
rtb.gumgum.com
eb2.3lift.com
visitor.omnitagjs.com
onetag-sys.com
ads.pubmatic.com
hde.tynt.com
eus.rubiconproject.com
19 omny.fm www.betootaadvocate.com
omny.fm
17 token.rubiconproject.com 8 redirects eus.rubiconproject.com
cs.seedtag.com
14 eus.rubiconproject.com cdn-header-bidding.snack-media.com
eus.rubiconproject.com
cs.seedtag.com
visitor.omnitagjs.com
hde.tynt.com
sync.richaudience.com
13 match.adsrvr.org 13 redirects
13 prebid.a-mo.net cdn-header-bidding.snack-media.com
13 ib.adnxs.com 9 redirects cdn-header-bidding.snack-media.com
12 simage2.pubmatic.com 2 redirects ads.pubmatic.com
cs.seedtag.com
12 a.mailmunch.co www.betootaadvocate.com
a.mailmunch.co
ajax.googleapis.com
11 visitor.omnitagjs.com cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
onetag-sys.com
10 visitor-us-west-2.omnitagjs.com visitor.omnitagjs.com
ads.pubmatic.com
cs.seedtag.com
10 eb2.3lift.com 3 redirects cdn-header-bidding.snack-media.com
eb2.3lift.com
10 cdn.ampproject.org www.betootaadvocate.com
10 fonts.gstatic.com fonts.googleapis.com
9 image8.pubmatic.com 8 redirects onetag-sys.com
9 ups.analytics.yahoo.com 7 redirects onetag-sys.com
us-u.openx.net
9 tpc.googlesyndication.com www.betootaadvocate.com
tagan.adlightning.com
9 us-u.openx.net 1 redirects google-bidout-d.openx.net
snackmedia-d.openx.net
hde.tynt.com
us-u.openx.net
8 b1sync.zemanta.com 7 redirects ads.pubmatic.com
8 secure.adnxs.com 8 redirects
8 ssc-cms.33across.com 8 redirects
8 sync.richaudience.com 3 redirects cs.seedtag.com
sync.richaudience.com
8 cdn.shopify.com www.betootaadvocate.com
sdks.shopifycdn.com
7 usersync.gumgum.com rtb.gumgum.com
7 pagead2.googlesyndication.com cdn.edkt.io
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 c1.adform.net 6 redirects
6 pr-bh.ybp.yahoo.com 4 redirects snackmedia-d.openx.net
cs.seedtag.com
6 secure-assets.rubiconproject.com 6 redirects
6 securepubads.g.doubleclick.net cdn-header-bidding.snack-media.com
tagan.adlightning.com
securepubads.g.doubleclick.net
www.betootaadvocate.com
6 fonts.googleapis.com ajax.googleapis.com
a.mailmunch.co
www.betootaadvocate.com
5 pm.w55c.net 4 redirects cti.w55c.net
5 events-ssc.33across.com visitor.omnitagjs.com
hde.tynt.com
us-u.openx.net
5 image2.pubmatic.com ads.pubmatic.com
cs.seedtag.com
5 pixel.tapad.com 3 redirects cs.seedtag.com
5 s.amazon-adsystem.com 1 redirects onetag-sys.com
visitor.omnitagjs.com
us-u.openx.net
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 match.prod.bidr.io 3 redirects visitor.omnitagjs.com
sync.richaudience.com
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 tagan.adlightning.com cdn-header-bidding.snack-media.com
tagan.adlightning.com
5 www.omnycontent.com 2 redirects omny.fm
4 tr.blismedia.com 2 redirects visitor.omnitagjs.com
us-u.openx.net
4 uipglob.semasio.net 2 redirects cs.seedtag.com
visitor.omnitagjs.com
4 cm.adgrx.com 4 redirects
4 pixel-eu.rubiconproject.com 3 redirects onetag-sys.com
4 sync.srv.stackadapt.com 4 redirects
4 creativecdn.com 4 redirects
4 ap.lijit.com 3 redirects visitor.omnitagjs.com
4 ads.pubmatic.com cs.seedtag.com
rtb.gumgum.com
hde.tynt.com
4 gum.criteo.com tagan.adlightning.com
gum.criteo.com
cdn-header-bidding.snack-media.com
4 www.google.com 1 redirects www.betootaadvocate.com
tagan.adlightning.com
4 betoota-advocate-shed.myshopify.com sdks.shopifycdn.com
4 rtb.openx.net 2 redirects cdn-header-bidding.snack-media.com
snackmedia-d.openx.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 um.simpli.fi 2 redirects cs.seedtag.com
3 pool.admedo.com 3 redirects
3 ssbsync-global.smartadserver.com 2 redirects onetag-sys.com
3 csync.loopme.me 2 redirects visitor.omnitagjs.com
3 dis.criteo.com 3 redirects
3 rtb.gumgum.com 1 redirects pre.ads.justpremium.com
rtb.gumgum.com
3 ad.turn.com 3 redirects
3 sync.smartadserver.com 3 redirects
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 id5-sync.com cdn-header-bidding.snack-media.com
eus.rubiconproject.com
3 jp-u.openx.net google-bidout-d.openx.net
us-u.openx.net
3 cdn.pbstck.com boot.pbstck.com
3 cdn.edkt.io cdn-header-bidding.snack-media.com
tagan.adlightning.com
cdn.edkt.io
3 q.stripe.com www.betootaadvocate.com
3 js.stripe.com www.betootaadvocate.com
js.stripe.com
2 openx2-match.dotomi.com 2 redirects
2 dpm.demdex.net 1 redirects eus.rubiconproject.com
2 cti.w55c.net eus.rubiconproject.com
cti.w55c.net
2 i.w55c.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 sync.crwdcntrl.net 1 redirects cs.seedtag.com
2 match.deepintent.com ads.pubmatic.com
visitor.omnitagjs.com
2 a.tribalfusion.com 1 redirects visitor.omnitagjs.com
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 ads.stickyadstv.com 2 redirects
2 sync.mathtag.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ssbsync.smartadserver.com
2 image4.pubmatic.com 1 redirects cs.seedtag.com
2 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
2 id.rlcdn.com 1 redirects visitor.omnitagjs.com
2 bttrack.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 sync.ipredictive.com 2 redirects
2 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
2 dps.jp.cinarra.com snackmedia-d.openx.net
ads.pubmatic.com
2 t.adx.opera.com 2 redirects
2 cm.adform.net cs.seedtag.com
2 ssum-sec.casalemedia.com 2 redirects
2 ad.360yield.com 2 redirects
2 bh.contextweb.com 2 redirects
2 match.sharethrough.com 1 redirects
2 api.edkt.io cdn.edkt.io
2 analytics.mailmunch.co www.betootaadvocate.com
2 cr-p3.ladsp.com 2 redirects
2 tg.socdm.com 2 redirects
2 oajs.openx.net 1 redirects www.betootaadvocate.com
2 pre.ads.justpremium.com cdn-header-bidding.snack-media.com
2 fastlane.rubiconproject.com cdn-header-bidding.snack-media.com
2 script.4dex.io cdn-header-bidding.snack-media.com
script.4dex.io
2 cmp.quantcast.com widgets.snack-projects.co.uk
cmp.quantcast.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 ajax.googleapis.com sdks.shopifycdn.com
a.mailmunch.co
2 monorail-edge.shopifysvc.com sdks.shopifycdn.com
2 cdn-header-bidding.snack-media.com www.betootaadvocate.com
cdn-header-bidding.snack-media.com
2 www.googletagmanager.com www.betootaadvocate.com
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 tags.bluekai.com cti.w55c.net
1 tags.w55c.net cti.w55c.net
1 bk.r-ad.ne.jp 1 redirects
1 eu-u.openx.net 1 redirects
1 apsoutheast-match.deepintent.com us-u.openx.net
1 pixel-us-east.rubiconproject.com 1 redirects
1 rcp.c.appier.net 1 redirects
1 s.company-target.com 1 redirects
1 rubiconcm.digitaleast.mobi 1 redirects
1 stags.bluekai.com eus.rubiconproject.com
1 pixel.mathtag.com 1 redirects
1 track.adform.net sync.richaudience.com
1 rtb.adentifi.com visitor.omnitagjs.com
1 sync1.intentiq.com visitor.omnitagjs.com
1 sync.intentiq.com 1 redirects
1 p.rfihub.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 rbp.mxptint.net 1 redirects
1 usr.undertone.com visitor.omnitagjs.com
1 ads.yieldmo.com visitor.omnitagjs.com
1 s2s.t13.io visitor.omnitagjs.com
1 sync.outbrain.com cs.seedtag.com
1 ce.lijit.com cs.seedtag.com
1 ads.playground.xyz 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 live.primis.tech
1 hb.yahoo.net
1 lb.eu-1-id5-sync.com cdn-header-bidding.snack-media.com
1 prebid-server.rubiconproject.com
1 ow.pubmatic.com
1 ssum.casalemedia.com 1 redirects
1 id.a-mx.net 1 redirects
1 inv-nets.admixer.net 1 redirects
1 jadserve.postrelease.com 1 redirects
1 sync.adotmob.com 1 redirects
1 csync.smilewanted.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 c.bing.com eb2.3lift.com
1 match.justpremium.com pre.ads.justpremium.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync-dsp.ad-m.asia snackmedia-d.openx.net
ads.pubmatic.com
1 event.clientgear.com 1 redirects
1 u.openx.net 1 redirects
1 hde.tynt.com cs.seedtag.com
1 de.tynt.com 1 redirects
1 js-sec.indexww.com cdn-header-bidding.snack-media.com
1 cs.seedtag.com cdn-header-bidding.snack-media.com
1 snackmedia-d.openx.net cdn-header-bidding.snack-media.com
1 acdn.adnxs.com cdn-header-bidding.snack-media.com
1 id.crwdcntrl.net cdn-header-bidding.snack-media.com
1 id.hadron.ad.gt cdn-header-bidding.snack-media.com
1 googleads.g.doubleclick.net www.betootaadvocate.com
1 intake.pbstck.com www.betootaadvocate.com
1 67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 1x1.a-mo.net www.betootaadvocate.com
1 google-bidout-d.openx.net tagan.adlightning.com
1 pixel.quantserve.com www.betootaadvocate.com
1 refresh.pbstck.com www.betootaadvocate.com
1 rules.quantcount.com secure.quantserve.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn-ima.33across.com tagan.adlightning.com
1 static.criteo.net tagan.adlightning.com
1 oa.openxcdn.net tagan.adlightning.com
1 cdn.jsdelivr.net tagan.adlightning.com
1 cdn.prod.uidapi.com tagan.adlightning.com
1 tags.crwdcntrl.net tagan.adlightning.com
1 cadmus.script.ac tagan.adlightning.com
1 stats.g.doubleclick.net www.google-analytics.com
1 g2.gumgum.com cdn-header-bidding.snack-media.com
1 htlb.casalemedia.com cdn-header-bidding.snack-media.com
1 tlx.3lift.com cdn-header-bidding.snack-media.com
1 a.teads.tv cdn-header-bidding.snack-media.com
1 m.stripe.com m.stripe.network
1 boot.pbstck.com cdn-header-bidding.snack-media.com
1 secure.quantserve.com cmp.quantcast.com
1 forms.mailmunch.co a.mailmunch.co
1 o479328.ingest.sentry.io omny.fm
1 sdks.shopifycdn.com www.betootaadvocate.com
1 cd.connatix.com www.betootaadvocate.com
1 betootaadvocate.com www.betootaadvocate.com
1 widgets.snack-projects.co.uk www.betootaadvocate.com
0 match.rundsp.com Failed us-u.openx.net
0 beacon.lynx.cognitivlabs.com Failed eus.rubiconproject.com
0 match.sync.ad.cpe.dotomi.com Failed visitor.omnitagjs.com
0 sync.1rx.io Failed cs.seedtag.com
0 i.liadm.com Failed cs.seedtag.com
0 sync.targeting.unrulymedia.com Failed cs.seedtag.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 c3.a-mo.net Failed
0 cs.nex8.net Failed snackmedia-d.openx.net
0 sync.search.spotxchange.com Failed cs.seedtag.com
0 api.rlcdn.com Failed cdn-header-bidding.snack-media.com
568 215
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.mailmunch.co
Amazon RSA 2048 M01		 2023-03-01 -
2024-01-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
widgets.snack-projects.co.uk
R3		 2023-09-07 -
2023-12-06		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
connatix.com
GTS CA 1P5		 2023-09-05 -
2023-12-04		 3 months crt.sh
omny.fm
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
sdks.shopifycdn.com
E1		 2023-10-03 -
2024-01-01		 3 months crt.sh
cdn-header-bidding.snack-media.com
R3		 2023-09-06 -
2023-12-05		 3 months crt.sh
monorail-edge-gateway-east.shopifycloud.com
R3		 2023-09-19 -
2023-12-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
cmp.quantcast.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-08-24		 a year crt.sh
omnycontent.com
Amazon RSA 2048 M02		 2023-03-03 -
2024-03-31		 a year crt.sh
forms.mailmunch.co
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2023-06-04 -
2024-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
api.edkt.io
GTS CA 1D4		 2023-09-27 -
2023-12-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
jp-ad-exch-prd-two-eks.prd.eks.jp.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
tracking.justpremium.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-01-12		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
myshopify.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-21		 a year crt.sh
cdn.shopify.com
E1		 2023-09-10 -
2023-12-09		 3 months crt.sh
analytics.mailmunch.co
R3		 2023-09-16 -
2023-12-15		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-08-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
*.omnitagjs.com
Amazon RSA 2048 M01		 2023-04-17 -
2024-05-16		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.ad-server.k8s.or.ggops.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-16		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.w55c.net
Amazon RSA 2048 M02		 2023-05-29 -
2024-06-25		 a year crt.sh
match.prod.bidr.io
Amazon RSA 2048 M01		 2023-07-19 -
2024-08-15		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-08-28 -
2023-11-26		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh

This page contains 71 frames:

Primary Page: https://www.betootaadvocate.com/
Frame ID: D38645B8A04D4F13DB0CFC12979BC5B7
Requests: 164 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=a821a8e3-bc2e-4dbf-9d9a-469b20b5afbc
Frame ID: 197678F7209A7FBD737265FE9AE2F5B4
Requests: 1 HTTP requests in this frame

Frame: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Frame ID: D168BD9E61DBA08DE97A2B6A212F84A4
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 5B88D1BDD4D7F89D744EB5F4FF31B990
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CB5689164DAEF3524931B0B7086A33F6
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Frame ID: 5FE2C66EE4267510D29C3A8621F1068E
Requests: 7 HTTP requests in this frame

Frame: https://cdn.edkt.io/check/prober.html
Frame ID: 4FCF22132B60153766A78E040EDF41C3
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A5B5C42314F69DEF22E149988178FD9F
Requests: 6 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/postman/embedded/index.css
Frame ID: E88A6002D08A5386272E009BC502B17C
Requests: 6 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/index.css
Frame ID: B78AD59071E0208C9102D5FD296C1DA3
Requests: 6 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
Frame ID: 0AB4B99859DE6308578F802E149F2D64
Requests: 7 HTTP requests in this frame

Frame: https://67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 657D8BDCA63DF34DFCD4BF3682A8C285
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Frame ID: C25ED5BCF170B49E1699923F672AED76
Requests: 17 HTTP requests in this frame

Frame: https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Frame ID: 1BC7A6CF79C410EA1D3CBE04399410DA
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 55E432C212D687AE7F6E08D9D6D51B63
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20E3A4052E00E9611B9D63FF6470E873
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE82974AE390041777175C1CF102B44E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D9D9EA8A9F4CC01DFBA51F9AD1C20DC9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: E87F9418DD61382848A897F24D542C41
Requests: 19 HTTP requests in this frame

Frame: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: AD68B3BA8CDE65E01A23AA68232C1708
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 36C2E5070F8A668A47F2B5EB980BBB96
Requests: 11 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Frame ID: 1B8FF0E31566CFA58F74689AB5DF5075
Requests: 19 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 68C4E8F24EEDE170BD96C91E2DD0F69E
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai2fesp1697417828663
Frame ID: 3B21CB2CD4070AA7AB5FA31BF8FC7B48
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCs8BShd3d3cuYmV0b290YWFkdm9jYXRlLmNvbVILYWFzLTA3ZmFkNmRaCHBiYTEuMy4zahd3d3cuYmV0b290YWFkdm9jYXRlLmNvbfoBBTguNi4w6AIBiAPklLKpBqgDMeoDJDQ2YWM4MWM1LTBmYzgtNGIxMS1hNmRkLTIyMTMyNzJkNDgxZKoEA0RDSLIFA1VTRNIFCTEwNTE5OTU0NtgFAOAFAeoFB2Rlc2t0b3D6BQNzZ3CqBwN3ZWLKBxNiZXRvb3RhYWR2b2NhdGUuY29t
Frame ID: 5A8FB6B5F70A4BF0AEC9E9DEE8C56299
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: ED7D412F4A808B52FA78447C22FCF6C9
Requests: 20 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 3F6FAD6762CA71ED994FB03115D6BF4D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: AD338185AD6B670586F326B538EF5994
Requests: 18 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: 65B40EAEF31D288E72A2B57725FB3C66
Requests: 5 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Frame ID: 021B159D196900F92030D7EE1FF279A7
Requests: 5 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: E2974D6C1106852ABA0D92B6ED74DB50
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: 3EC6D9EAC411C75736A13FEF971DBEB9
Requests: 15 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=373ae8a6-baf2-488c-964f-e3b797688c13&gdpr=0
Frame ID: ED26B69CBC675D54B8D83C158A85C55A
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=7umE1zY5M5Mb&ev=1&us_privacy=&pid=562983
Frame ID: C687242B615054C1EA7BF255FD156AC4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Frame ID: 8DE5C6D615F729651813AA9F34BF1514
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=6226166435111640801&gdpr=0&gdpr_consent=
Frame ID: D31B2AEB1E1EC8C3014B7D885EFA8B49
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZSyKaQAU38MioQBV&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV
Frame ID: CBE27AA977D07536FB6C2B8C7C0B46FE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8xN2EwNjhiOS0yNTA2LTQ1MmUtODUyOC05MmMxMDMwNDE3ZTE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 6061AAE472D86EF1824E1B66C1262B78
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: E3630707783D3119896498A8868D4880
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Frame ID: 0A571A1E3ED5632BA93260B99E54EA30
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 56769DCE32FC2EE236882A29B591CE6E
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 114459AD39514BDF0AD3C51EBAA4D52E
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 2B01F3C0CA664E68988591ECA7F24701
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 3BB15F3C7EB2E70E089928A606476E5A
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: D2A6824E5E26404A6E558EE862BBE8FC
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5075661259466851363&gdpr=0&gdpr_consent=
Frame ID: 5AB61C76BDCE26A6AE1919865A8DA5FD
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Frame ID: 8AF8449CC66BC33B3FE14F21076B5941
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=44790866-dd20-4469-8d09-f89c9ae04cd0&user_group=1&ssp=pubmatic&bsw_param=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
Frame ID: 5B5D658C31BE8C13DD395A48F13C6638
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Z6paO_KrT76m_464862b-6fqTP6k_1tsprG0fNL
Frame ID: 0B922CDB1580E5D82F67F75D5345B828
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 77E54E41EF364B4381051F67E1443857
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11ywn99vl3i9
Frame ID: 2D61FAFE9B324968A6344D68CBE4B711
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 4D9F836FC7B82FE50292088DE1642311
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tXQeOi-xUOp_0K2qRUtLH0LLcKg&gdpr=0&gdpr_consent=
Frame ID: 069E05CE209DDC82A62F116015A62C03
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 5750A95B12D1188D5727D7D17504CEF0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6d49e37b47ef4ce682ae4c899b2837a1
Frame ID: 71BE113FE0948A271CC76F225CFCAB69
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DBgRVvPXALSrlgixaoosZQ
Frame ID: 852E08A45C3DE53BED396B7CAB7376F4
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: BA5CB2FB2AF6232A2B730A5D29F750A8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67353db210bd4cbbacad50ba25c7524c
Frame ID: 09F844B5C078C39CC5CC48B72B13F3C0
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 1CC2A2973AF0F28C5FB030B2BB72D74B
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=9E45E727-AF28-4517-B26A-2859989D7BB5
Frame ID: DD2AE917124B08D3F444436B95CC6EF3
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 055B7D4AC224CF1FF83BA71574F9580A
Requests: 1 HTTP requests in this frame

Frame: https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Frame ID: EB5B4DB7C4D42F31028A9EB2F27FA39A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 836BAA888E97527806C0455A11006B6A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 05147F193AF8A6D37712362C5A3071C4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 8C5119299D6A2F13E1151900591A2929
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=9E45E727-AF28-4517-B26A-2859989D7BB5
Frame ID: 7CF18973D47D4C73DF105CABA2CF2D1D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 91BEC67CF8FC1DA321649995392231A5
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: D7CFC1B0C168EE664AF1D9A5BA24C866
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: FBE546776C57E65EF4A933A6DC651EEE
Requests: 12 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
Frame ID: 2C95BBA14ECA30C3A76D482854F8BB21
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: 57049DB1913A8D0042D3887E2F6B9D76
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Betoota Advocate - Australia's Oldest And Favourite Newspaper

Page URL History Show full URLs

  1. http://www.betootaadvocate.com/ HTTP 301
    https://www.betootaadvocate.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdks\.shopifycdn\.com
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

568
Requests

65 %
HTTPS

0 %
IPv6

136
Domains

215
Subdomains

126
IPs

12
Countries

4898 kB
Transfer

12252 kB
Size

189
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.betootaadvocate.com/ HTTP 301
    https://www.betootaadvocate.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/d9c7e2fa-32ae-4309-bea8-b09c005a0bae/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4b90-abed-af8f01765c4d&size=small HTTP 302
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
Request Chain 107
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/d9c7e2fa-32ae-4309-bea8-b09c005a0bae/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4b90-abed-af8f01765c4d&size=thumbnail HTTP 302
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
Request Chain 163
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
Request Chain 183
  • https://match.adsrvr.org/track/cmf/openx?oxid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0&gdpr_consent=
Request Chain 184
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyKZcCo5sMAACDtMqYAAAAA
Request Chain 185
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdSNXzC8zEXkks8AD7ImJ81V0c8AAAGLNfybkA
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ3MjlmZGEtMmUxYS0yMjFmLWQxMjItMzFiZDMwNjQ4ODc3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ3MjlmZGEtMmUxYS0yMjFmLWQxMjItMzFiZDMwNjQ4ODc3&google_tc=
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGXQ6Qsa6f62h_LnUrN0ao&google_cver=1
Request Chain 251
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 273
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 278
  • https://id5-sync.com/s/441/9.gif?puid=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/7/3.gif?puid=5075661259466851363&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/6/4.gif?puid=6e2316d0-c22f-4adf-a705-4cae62777e14&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/112/5/5.gif?puid=CF330F8898FA48C3&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F10%2F4%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/10/4/6.gif?puid=6226166435111640801&gdpr=0&gdpr_consent=
Request Chain 281
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 284
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 285
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Request Chain 288
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=373ae8a6-baf2-488c-964f-e3b797688c13&gdpr=0
Request Chain 289
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=7umE1zY5M5Mb&ev=1&us_privacy=&pid=562983
Request Chain 291
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.seedtag.com%252Fcs%252Fcookiesync%252Fappnexus%253Fchanneluid%253D%2524UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=5075661259466851363
Request Chain 292
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=2759474869957114172
Request Chain 293
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&puid=&s=2&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=m19d6agvBvIUqlyQe-0Y&gdpr=0
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Request Chain 297
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F HTTP 303
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=7df2bf99-4cce-4b35-8f6d-1zz1697417826 HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_ps=
Request Chain 299
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=fde05a54-b1ff-4f44-b17c-d6ff99e61875
Request Chain 300
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
Request Chain 301
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58427/occ?verify=true HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-IkGBgDpE2uETaHJdE_dTXbvnLXPEf_I3nZkHLBY-~A
Request Chain 303
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID&sovrn_retry=true HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
Request Chain 304
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=9a441546-3ed6-486e-925b-d8c09a65b6a7
Request Chain 305
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk58226aef9f604bae87d2b1ab7a1cbac9
Request Chain 306
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=b20ExNmGsBp9gNoCufSc&pi=seedtag&tc=1
Request Chain 307
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUd54849fa7aa14078b94be5fe5d2e7668
Request Chain 312
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=F0vGLE7rxZUitiezKZ98rQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 314
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560998159019865705&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 318
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&us_privacy= HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666&ex_uid=a_17a068b9-2506-452e-8528-92c1030417e1
Request Chain 319
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 322
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5639593178088201720
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=gumgum2
Request Chain 324
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=3f20e860-cf78-44ed-a3b9-7be932d64751
Request Chain 325
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168
Request Chain 326
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-m836n.1E2pdjgPX1MOHGzV5kZ6VrRao_BU_L~A
Request Chain 327
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9b82c21a-74a1-4391-92a0-9f9bc7e04753
Request Chain 328
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=6226166435111640801&gdpr=0&gdpr_consent=
Request Chain 329
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZSyKaQAU38MioQBV&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV
Request Chain 332
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Request Chain 333
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 334
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg5MzY0NTM0MzYwNzEwMTk0NDIxOQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIkoWv_sCoF6AzEAn83hMM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 336
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg5MzY0NTM0MzYwNzEwMTk0NDIxOQ%3D%3D
Request Chain 338
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2893645343607101944219?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eG_o_nFE2oRAZSIttKlnFxy_3tq.httag9y44dkphA--~A&dongle=0883
Request Chain 341
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 342
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5075661259466851363&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 346
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 347
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 349
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=b20ExNmGsBp9gNoCufSc&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=adyoulike
Request Chain 351
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&name=THE_TRADE_DESK
Request Chain 352
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=204610120d167e27a256941f5f293d02&gdpr=0&gdpr_consent=
Request Chain 353
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Request Chain 354
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&s=2 HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=VCys-l-RAZ9kUgc8b9US&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 355
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=fd13e023-64bf-44ea-b5cf-ccb761b67e78%20&gdpr_consent=null&gdpr=0
Request Chain 356
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Request Chain 357
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09af220400e5db26fc5a9bbe&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 358
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 359
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=574ddaf9-ee0c-4886-baae-c3a5fda8fb00&gdpr=0&gdpr_consent=
Request Chain 360
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=-3845875058634637461 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=be258935-74d9-5421-bf81-3ac2daadb0ab&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 362
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=68e8858b45a741eda0255d861458facf&gdpr=0&gdpr_consent=
Request Chain 363
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=ae692575-cb43-40cd-8383-cc19d0721a79&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 366
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 367
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 377
  • https://id.a-mx.com/sync?tao=1&&do=www.betootaadvocate.com HTTP 302
  • https://c3.a-mo.net/b?uid=304ba9dd-8088-449f-a309-2668b930a50a&sh=id.a-mx.com&
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 379
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A&gdpr=0
Request Chain 380
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0&us_privacy=1---
Request Chain 381
  • https://id.a-mx.net/u?&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=amx_com&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
Request Chain 382
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=openx&uid=f1c3c3df-5ef2-4f52-af4e-ab117bdd849a
Request Chain 384
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=smartadserver&uid=2759474869957114172
Request Chain 385
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dpubmatic%26uid%3D9E45E727-AF28-4517-B26A-2859989D7BB5 HTTP 302
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=pubmatic&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
Request Chain 386
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=index_rtb&uid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
Request Chain 387
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=sovrn&uid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
Request Chain 388
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=appnexus&uid=5075661259466851363
Request Chain 394
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr_consent=undefined&gdpr=0&khaos=LNS6QZEW-1Z-4NR7 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0&gdpr_consent=undefined
Request Chain 396
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzAwMjYzMDI1MTUzMjA3MzIyMA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBi5uYgTo2tfEyf77gUW3wE&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 397
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Request Chain 398
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=3002630251532073220&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=3002630251532073220&gdpr=0&gdpr_consent=&dcc=t
Request Chain 399
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7290354084683184273&gdpr=0&gdpr_consent=
Request Chain 400
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=5352652c-8a6a-4600-9e0a-93ce9ab9580d&gdpr=0&gdpr_consent=
Request Chain 401
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 402
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5075661259466851363
Request Chain 403
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=0
Request Chain 405
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rSUQQENIvjQs_tVm9-mt7RA9tTZFJA
Request Chain 406
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3002630251532073220
Request Chain 407
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Request Chain 408
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
Request Chain 409
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
Request Chain 410
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-uOjoH35E2pkPqxKnRHNFwnYjeKUz0yJbAVJlKw--~A&expires=5&ssp=onetag
Request Chain 414
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rTbyPRt08kL5kSe1CL8Ulqis2Zmxuw
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=6e96652c-8a6a-4e00-849f-8a5a8f6dd671&gdpr=1&gdpr_consent=
Request Chain 418
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5075661259466851363
Request Chain 419
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=1
Request Chain 422
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Request Chain 425
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Request Chain 428
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/2T5HtHFdBrEOpZC-qBVXw8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tWvhw0FE2oLl4hKigIrwWc5RoXCvLYCLT9Zj8A--~A
Request Chain 429
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=81x1iVRkR567ZWN9umV_vg&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=81x1iVRkR567ZWN9umV_vg&gdpr=0
Request Chain 430
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=&expires=30
Request Chain 431
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEKgW7JcafHzelZQ9OucNrfM&google_cver=1
Request Chain 433
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5TNlFaRVctMVotNE5SNw==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEBt8N7qYYVC50_9fFRgd3SU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TNlFaRVctMVotNE5SNw==&google_push=&gdpr=0
Request Chain 434
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGY2MWZhOTYxZmI5MWVkNjRhM2NiMDc5YTFiYjVkNjhhNDJhZGE2Mw&gdpr=0
Request Chain 435
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UBV5rjIrQS20FnhK_XWURg&rk=usync-other&gdpr=0
Request Chain 436
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAH_G07KWRUAABjUly_Eag&expires=30&gdpr=0
Request Chain 437
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 438
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 439
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNS6QZEW-1Z-4NR7&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNS6QZEW-1Z-4NR7&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1LVmE2cjM5RTJ1SEFDcDRKTXJ1MGl2d2szRk1EVllCb35B&gdpr=0&ovsid=LNS6QZEW-1Z-4NR7&dpid=58160
Request Chain 440
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 441
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9b82c21a-74a1-4391-92a0-9f9bc7e04753&expires=30&gdpr=0
Request Chain 442
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 443
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 444
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5075661259466851363&gdpr=0&gdpr_consent=
Request Chain 445
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2?gdpr=0 HTTP 301
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Request Chain 446
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=44790866-dd20-4469-8d09-f89c9ae04cd0&user_group=1&ssp=pubmatic&bsw_param=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
Request Chain 447
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Z6paO_KrT76m_464862b-6fqTP6k_1tsprG0fNL
Request Chain 449
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11ywn99vl3i9
Request Chain 450
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 451
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tXQeOi-xUOp_0K2qRUtLH0LLcKg&gdpr=0&gdpr_consent=
Request Chain 453
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6d49e37b47ef4ce682ae4c899b2837a1
Request Chain 454
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DBgRVvPXALSrlgixaoosZQ
Request Chain 456
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67353db210bd4cbbacad50ba25c7524c
Request Chain 459
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 460
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f221f5f4-6bbe-11ee-8bf8-6fd23714c75b HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Request Chain 462
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 465
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nkXnJ68oRReyaihZmJ17tQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 466
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=9E45E727-AF28-4517-B26A-2859989D7BB5 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=9E45E727-AF28-4517-B26A-2859989D7BB5 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6e2316d0-c22f-4adf-a705-4cae62777e14%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=6e2316d0-c22f-4adf-a705-4cae62777e14%2C%2C
Request Chain 468
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9E45E727-AF28-4517-B26A-2859989D7BB5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9E45E727-AF28-4517-B26A-2859989D7BB5&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 469
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUU0NUU3MjctQUYyOC00NTE3LUIyNkEtMjg1OTk4OUQ3QkI1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG--y6T2UAeB4g5w6K5sf3w&google_cver=1
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Request Chain 474
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9E45E727-AF28-4517-B26A-2859989D7BB5&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k63lEyRE2uWeRBhLhPbxTYxy961Fgsk-~A&gdpr=0
Request Chain 475
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6226166435111640801
Request Chain 476
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3705113347095721577&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Request Chain 477
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6c76a1af9cc01ef5&is_secure=true&networkId=17100&version=1&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMG2nJRbAXoQM2lFBhAAAAAAA&expiration=1697504235&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 478
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5075661259466851363
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 480
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&gdpr=0
Request Chain 481
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b694090f-4937-4db7-95da-f1454aaad387
Request Chain 482
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=tXQeOi-xUOp_0K2qRUtLH0LLcKg
Request Chain 483
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6226166435111640801
Request Chain 484
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 485
  • https://ad.turn.com/r/cs?pid=6&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3488940564981937769&expires=60&gdpr=0&gdpr_consent=
Request Chain 486
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=5075661259466851363&expires=30&gdpr=0
Request Chain 487
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1697417834437 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1092031672 HTTP 302
  • https://sync.1rx.io/usersync/turn/3705113347095721577?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6d4b7bf1-520e-43cf-a3c2-bf13bb54a30e-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-6d4b7bf1-520e-43cf-a3c2-bf13bb54a30e-004%26expires%3D30
Request Chain 488
  • https://id.rlcdn.com/709414.gif?gdpr=0 HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 489
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNS6QZEW-1Z-4NR7&obUid=&initiator=&gdpr=0
Request Chain 490
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
Request Chain 491
  • https://token.rubiconproject.com/token?pid=49096&gdpr=0 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNS6QZEW-1Z-4NR7&gdpr=0 HTTP 303
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNS6QZEW-1Z-4NR7&gdpr=0&_li_chk=true&previous_uuid=180c32eafa39415eacf52037bed0a08e
Request Chain 492
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=1e0db7e7-cd9a-4325-9a13-ebe3f8d0cf7a-652c8a6a-5553&expires=360&gdpr=0&gdpr_consent=
Request Chain 493
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LNS6QZEW-1Z-4NR7?gdpr=0
Request Chain 495
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LNS6QZEW-1Z-4NR7 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
Request Chain 496
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LNS6QZEW-1Z-4NR7&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 497
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LNS6QZEW-1Z-4NR7&gdpr=0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 498
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 500
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZSyKaQAU38MioQBV&gdpr=0
Request Chain 501
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0 HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=f221f5f4-6bbe-11ee-8bf8-6fd23714c75b&expires=60
Request Chain 502
  • https://um.simpli.fi/rb_match?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8DA2511EED2D4652A27AF3DF5C0B52B8&expires=365
Request Chain 503
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=4d846da295652127&is_secure=true&networkId=12783&version=1&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMOZx9wIonbAMwNdZ1AAAAAAA&expiration=1697504235&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
Request Chain 505
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 506
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7290354084688492701&expires=730&gdpr=0
Request Chain 508
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=7umE1zY5M5Mb&ev=1&pid=560687&gdpr=0
Request Chain 509
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 510
  • https://ums.acuityplatform.com/tum?umid=2&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=840801861850&expires=30&us_privacy=1---
Request Chain 511
  • https://b1sync.zemanta.com/usersync/rubicon/?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=VCys-l-RAZ9kUgc8b9US&gdpr=0
Request Chain 512
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 513
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1697417833804.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 514
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1697417833804.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 515
  • https://ssc-cms.33across.com/ps/?_=1697417833804.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212308014644721
Request Chain 517
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dbb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253Dbb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3Dbb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 518
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1697417833804.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=5075661259466851363
Request Chain 519
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme&gdpr=0 HTTP 302
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 520
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=7iGuQ-B1qhX1JPkR7HGxROEgrhj1LPpGvSXX96pb
Request Chain 521
  • https://rbp.mxptint.net/sn.ashx?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E330_10A9DAD81_5EB5A8BA&expires=60
Request Chain 522
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon&gdpr=0 HTTP 302
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 523
  • https://match.adsby.bidtheatre.com/rubiconmatch?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=3a97b8bb-7a92-47f1-9734-ecd265fe6a16
Request Chain 524
  • https://ssbsync.smartadserver.com/api/sync?callerId=87&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=3002630251532073220&gdpr=0&gdpr_consent=
Request Chain 525
  • https://token.rubiconproject.com/token?pid=10362&gdpr=0 HTTP 302
  • https://uipglob.semasio.net/magnite/1/info?sType=sync&sExtCookieId=LNS6QZEW-1Z-4NR7&sInitiator=external&gdpr=0 HTTP 302
  • https://uipglob.semasio.net/magnite/1/info2?sType=sync&sExtCookieId=LNS6QZEW-1Z-4NR7&sInitiator=external&gdpr=0
Request Chain 526
  • https://dmp.brand-display.com/cm/api/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3b404e16-eb90-c4fb-ceb78677
Request Chain 527
  • https://p.rfihub.com/cm?in=1&pub=64&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1977432094398873212&expires=30
Request Chain 528
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fgvyAkL81QSbV05&expires=30&gdpr=0
Request Chain 529
  • https://onetag-sys.com/match/?int_id=4&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Request Chain 530
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0&ckls=true&ci=DdpYjnmhnY&nc=false&trid=585988045
Request Chain 532
  • https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09af220400e5db26fc5a9bbe&expires=1&gdpr=0
Request Chain 533
  • https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=5075661259466851363&gdpr=0
Request Chain 534
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=ebc6c393-0304-4072-8c5a-fa3930f64547&expires=30
Request Chain 539
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 541
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Request Chain 542
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D&gdpr=0 HTTP 302
  • https://token.rubiconproject.com/token?pid=35912&puid=cb0b652c-8a6a-4600-8932-9fbe59d63588&gdpr=0&gdpr_consent=
Request Chain 543
  • https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 544
  • https://x.bidswitch.net/sync?ssp=rubicon&gdpr=0 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=fafbc36c-fc76-42d0-9db7-6e7009269545 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=rubicon&bsw_param=fafbc36c-fc76-42d0-9db7-6e7009269545
Request Chain 545
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=3002630251532073220
Request Chain 546
  • https://beacon.lynx.cognitivlabs.com/rb.gif?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=a5ee2239-da7c-41c9-8d8d-ffc9e842d948&expires=365&next=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Drubicon%26inventory_source%3D0 HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0
Request Chain 548
  • https://pixel.rubiconproject.com/token?pid=3&gdpr=0 HTTP 302
  • https://stags.bluekai.com/site/6123?id=LNS6QZEW-1Z-4NR7&limit=1&gdpr=0
Request Chain 549
  • https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=
Request Chain 550
  • https://s.company-target.com/s/rp?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=63577354-6412-40c4-b875-097ee147e9da
Request Chain 551
  • https://rcp.c.appier.net/rbcm?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=tdCGvqsDCF61Ojt1aoosZQ&expires=365
Request Chain 552
  • https://tg.socdm.com/rtb/sync?proto=rubicon&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZSyKasCo5sMAACDtMs8AAAAA
Request Chain 553
  • https://um4.eqads.com/um/rc?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=4aadc648-9b84-498e-b8ac-851dbb5a2e78&expires=30
Request Chain 554
  • https://token.rubiconproject.com/token?pid=6404&gdpr=0 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LNS6QZEW-1Z-4NR7?gdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=481&dpuuid=LNS6QZEW-1Z-4NR7
Request Chain 557
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LNS6QZEW-1Z-4NR7 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LNS6QZEW-1Z-4NR7&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 560
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=5031ad7e0be2214&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALxzbDEiApAAMZWFv3AAAAAAA&expiration=1697504235&nuid={OX_USER_ID}&is_secure=true
Request Chain 562
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=8DA2511EED2D4652A27AF3DF5C0B52B8
Request Chain 564
  • https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=ox&dcc=t
Request Chain 565
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=hpLXghb21QSbV05
Request Chain 566
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZSyKaQAU38MioQBV
Request Chain 567
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=652C8A6970452A46677FFD51BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D652C8A6970452A46677FFD51BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=652C8A6970452A46677FFD51BLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LNS6QZEW-1Z-4NR7
Request Chain 568
  • https://bk.r-ad.ne.jp/3/cs HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56s0vE00pBDHN0066tgk
Request Chain 571
  • https://pm.w55c.net/pingmatch.gif HTTP 302
  • https://pm.w55c.net/pingmatch.gif?scc=1
Request Chain 573
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LNS6QZEW-1Z-4NR7 HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LNS6QZEW-1Z-4NR7&gdpr=0
Request Chain 574
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGhocUFhUjExUVNiVjA1&google_cm HTTP 302
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESELC-6GrtykN8t64BXdzRskk&google_cver=1

568 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.betootaadvocate.com/
Redirect Chain
  • http://www.betootaadvocate.com/
  • https://www.betootaadvocate.com/
296 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f607158c92d9c88b8a13efdb99e0a8332d1e478059892693621e5872ae6b81a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1403
cache-control
max-age=1800
cf-apo-via
tcache
cf-cache-status
HIT
cf-edge-cache
cache,platform=wordpress
cf-ray
816c58897c5ea7ef-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:57:06 GMT
last-modified
Mon, 16 Oct 2023 00:33:43 GMT
link
<https://www.betootaadvocate.com/wp-json/>; rel="https://api.w.org/", <https://www.betootaadvocate.com/wp-json/wp/v2/pages/31732>; rel="alternate"; type="application/json", <https://www.betootaadvocate.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding, Cookie,User-Agent
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
BYPASS
CF-Ray
816c58872af8aafc-SYD
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:06 GMT
Location
https://www.betootaadvocate.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding, Cookie,User-Agent
cf-apo-via
origin,no-cache
x-redirect-by
iThemes Security
x-turbo-charged-by
LiteSpeed
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		1015 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/instagram-feed/css/sbi-styles.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/give/assets/dist/css/give-donation-summary.css,wp-content/plugins/give-recurring/assets/css/give-recurring.min.css,wp-content/plugins/td-composer/td-multi-purpose/style.css,wp-content/themes/betootaadvocate/style.css,wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css,wp-content/themes/Newspaper/style.css,wp-content/themes/betootaadvocate/lib/css/ba.css,wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b6cd8a88cc0f741f2e3e428ad5d7c0c58598971341db3725bbebd4a7bdc053

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 06:14:07 GMT
server
cloudflare
age
1017
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
cache-control
max-age=86400
cf-apo-via
tcache
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c5889bc8aa7ef-SYD
content-length
116600
expires
Tue, 17 Oct 2023 00:40:09 GMT
give.css
www.betootaadvocate.com/wp-content/plugins/give/assets/dist/css/ 		74 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/give/assets/dist/css/give.css?ver=2.33.2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7685b8c8b0c352fbe006ed5b2f5b8128763e28be5bd78ce79367b4743129b09e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 01:34:42 GMT
server
cloudflare
age
1198
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c5889bc8ba7ef-SYD
content-length
17327
expires
Mon, 23 Oct 2023 00:37:08 GMT
41c52f39-c20d-4e94-b649-19cbe88f59b6
https://www.betootaadvocate.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.betootaadvocate.com/41c52f39-c20d-4e94-b649-19cbe88f59b6
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/td-cloud-library/assets/css/tdb_main.css
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04c1992406ec9c6f2aac5a686c636ed33dd24e80edc607559710ec293b571da2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 03:41:23 GMT
server
cloudflare
age
1017
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
cache-control
max-age=86400
cf-apo-via
tcache
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c5889dcb5a7ef-SYD
content-length
6806
expires
Tue, 17 Oct 2023 00:40:09 GMT
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/jquery/jquery.min.js,wp-content/plugins/give-recurring/assets/js/give-recurring.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5297f04d86e06325abfc96f65e0f58b051d0b46eda17097408dbec355eb5b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 03:37:21 GMT
server
cloudflare
age
210
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=86400
cf-apo-via
tcache
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c5889ecbca7ef-SYD
content-length
33071
expires
Tue, 17 Oct 2023 00:53:36 GMT
site.js
a.mailmunch.co/app/v1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/site.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:56:45 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
46823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8416
last-modified
Thu, 12 Oct 2023 13:37:28 GMT
server
AmazonS3
etag
"a2db3b3d68ca8c03f9b88f2e6607b62c"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
N_nVXjZu8-P16ig75qjebhsuhVCuGrlF4jAKtrn74fKLCGyvQA7KhA==
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-56468053-1
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4962af7868680d06521e51125c3a6fcb112c5a476e028016bf1ab23736d97639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68155
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Oct 2023 00:57:07 GMT
snack-cmp_v2.min.js
widgets.snack-projects.co.uk/gdpr/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.snack-projects.co.uk/gdpr/snack-cmp_v2.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
c23d5ca3e201d4c79f0b3f980beda9287a056df0f5c8c7ddb087a6d95f671210

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cdn-edgestorageid
1151
cdn-storageserver
DE-51
cdn-cachedat
08/08/2023 15:25:35
cdn-pullzone
851110
last-modified
Tue, 08 Aug 2023 15:20:05 GMT
server
BunnyCDN-SYD1-1151
cdn-fileserver
382
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64d25d25-fa0"
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
cf85643b-ef61-4e40-8871-e5ff38046499
cache-control
public, max-age=2592000
cdn-requestid
b9fc17e6b50843c62ac91844f7177d66
cdn-requestcountrycode
AU
cdn-status
200
cdn-requestpullsuccess
True
Betoota-Advocate-Desktop-Header-Logo.svg
betootaadvocate.com/wp-content/uploads/2018/07/ 		93 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Advocate-Desktop-Header-Logo.svg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8752501a9c32832119ff9cddfe47b8f32e51c97d5abbd6d254d3646ca9e6d665

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 01 Jul 2018 23:58:27 GMT
server
cloudflare
age
511505
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c5889ecd0a7ef-SYD
content-length
26165
expires
Tue, 17 Oct 2023 02:52:01 GMT
Betoota-Advocate-Mobile-Header-Logo.svg
www.betootaadvocate.com/wp-content/uploads/2018/07/ 		73 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Advocate-Mobile-Header-Logo.svg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6eded00baf8989a00ae532498c24904285fcf42a8c7d727f2270ac74cd4d56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 01 Jul 2018 23:58:30 GMT
server
cloudflare
age
1046
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a4d37a7ef-SYD
content-length
21268
expires
Mon, 23 Oct 2023 00:39:40 GMT
siphonman-534x462.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/siphonman-534x462.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f1e07fe881fc78609dbc251da2866d73786f010054045db7c1ba9b89d667ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Oct 2023 00:31:59 GMT
server
cloudflare
age
1403
cf-polished
degrade=85, origSize=60724, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c5889ecbea7ef-SYD
content-length
56643
expires
Mon, 23 Oct 2023 00:33:43 GMT
Vote-yes-western-suburbs-533x261.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Vote-yes-western-suburbs-533x261.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138feca8288a7af131c0964b2b77cd13d6b0770b9b7b781542902d7dc7ae303c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 15 Oct 2023 23:12:02 GMT
server
cloudflare
age
1403
cf-polished
degrade=85, origSize=28882, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a0ce7a7ef-SYD
content-length
26714
expires
Mon, 23 Oct 2023 00:33:43 GMT
Jacinta-price-no-calls-265x198.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Jacinta-price-no-calls-265x198.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769a30685d5b963d6c6c3dc57444210f92ca3c7b58604b9b2122adcafa351f03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 15 Oct 2023 22:22:55 GMT
server
cloudflare
age
1403
cf-polished
degrade=85, origSize=16671, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a0ce8a7ef-SYD
content-length
15150
expires
Mon, 23 Oct 2023 00:33:43 GMT
Peter-Dutton-kamikaze-265x198.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Peter-Dutton-kamikaze-265x198.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127606e67cf033badc3dbe1f6c3596917ce3f2d4512811a0e63d73037d875297

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Oct 2023 02:48:54 GMT
server
cloudflare
age
562
cf-polished
degrade=85, origSize=19560, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a4d39a7ef-SYD
content-length
17486
expires
Mon, 23 Oct 2023 00:47:44 GMT
Millennial-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Millennial-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e686afffdb81eb7096b4410071c35601da7a0d6ca21142db65353c99f20e0e13

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Oct 2023 02:38:16 GMT
server
cloudflare
cf-polished
degrade=85, origSize=16601, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a4d3aa7ef-SYD
content-length
15163
expires
Mon, 23 Oct 2023 00:57:06 GMT
White-mans-career-change-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/09/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/09/White-mans-career-change-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe41c8df307d787c2956ec2242855c8f56d7cb6fe678d952d1a29c039001d86

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Sep 2023 06:36:05 GMT
server
cloudflare
cf-polished
degrade=85, origSize=10372, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d3ba7ef-SYD
content-length
9568
expires
Mon, 23 Oct 2023 00:57:06 GMT
RUOK-QANTAS-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/09/RUOK-QANTAS-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cea1bc9d60f7ed01955dc082bb25bac5d531e6a95f06c976913b4b9f52c2daa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 14 Sep 2023 00:36:46 GMT
server
cloudflare
cf-polished
degrade=85, origSize=15600, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d3ca7ef-SYD
content-length
13948
expires
Mon, 23 Oct 2023 00:57:06 GMT
soccccer-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/soccccer-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a44bc76bb7c55cb1c586a52da9da99537e85e0853f6851d7a5a19aae4c3f93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Aug 2023 05:49:28 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=9664, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d3da7ef-SYD
content-length
8964
expires
Mon, 23 Oct 2023 00:48:58 GMT
mumandad-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/mumandad-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49950f678d3573bf2a5ec3b928fb1ecda5d82d53a824cb84d21c72156c61ea6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Aug 2023 05:36:03 GMT
server
cloudflare
age
773
cf-polished
degrade=85, origSize=12459, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d3ea7ef-SYD
content-length
11473
expires
Mon, 23 Oct 2023 00:44:13 GMT
COMBSY-324x160.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/COMBSY-324x160.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b00f504eb27a71fb020570eaa49f8548244361bf5e063e85bc9369f1eed058

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 17 Aug 2023 05:15:04 GMT
server
cloudflare
cf-polished
degrade=85, origSize=16566, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d3fa7ef-SYD
content-length
15105
expires
Mon, 23 Oct 2023 00:57:06 GMT
siphonman-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/siphonman-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9158b38d44160317b8e6ea028f3403e4762cd377f7f8a401b7802d0aa7c044e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Oct 2023 00:31:59 GMT
server
cloudflare
age
1403
cf-polished
degrade=85, origSize=24688, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d40a7ef-SYD
content-length
22110
expires
Mon, 23 Oct 2023 00:33:43 GMT
shutterstock_479633479-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/shutterstock_479633479-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33678482c74c751f057c482878add31363cadc66690a2574ffb64ac7fd269fff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Oct 2023 02:17:07 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=3527, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d42a7ef-SYD
content-length
2922
expires
Mon, 23 Oct 2023 00:44:14 GMT
kamal-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/kamal-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca51d9c2c14af6d9c86da728736661815dc4dce73f465df46f4aa0cd412d52d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Oct 2023 02:20:56 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=3249, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d43a7ef-SYD
content-length
2709
expires
Mon, 23 Oct 2023 00:48:58 GMT
richlittenerd-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/richlittenerd-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465b2c4c6b84c1afd5a97981c0a946be56cdce4ed77188cb0d7c0538353df58e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 Oct 2023 01:28:39 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=3608, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d44a7ef-SYD
content-length
3007
expires
Mon, 23 Oct 2023 00:48:58 GMT
barnabynovel-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/barnabynovel-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db464ac95b0b45d3035a4ff3ab97048ea4e5fc01fc90b33c08ab763525a3633a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Thu, 05 Oct 2023 06:45:35 GMT
server
cloudflare
cf-polished
degrade=85, origSize=3456, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d45a7ef-SYD
content-length
2904
expires
Mon, 23 Oct 2023 00:57:06 GMT
Jacinta-price-no-calls-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Jacinta-price-no-calls-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99665f6030003d18fb3ad3ca8c848450e17be4400b3ce9ad52d0359abff7daad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 15 Oct 2023 22:22:55 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=22430, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d47a7ef-SYD
content-length
20489
expires
Mon, 23 Oct 2023 00:48:07 GMT
albanese-voice-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/albanese-voice-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c597b3bdf71ceb1e7537f8681fb223dab065719865414921e01688e26a9b4ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 11 Oct 2023 02:33:45 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=3851, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d48a7ef-SYD
content-length
3620
expires
Mon, 23 Oct 2023 00:48:58 GMT
tassielibs-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/tassielibs-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32be64f15c29dbe50ccb6eea5ccc2c8589b2b5f00bd1bf5f0d429c4f4f8c11e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 22:25:07 GMT
server
cloudflare
age
1668
cf-polished
degrade=85, origSize=3801, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d49a7ef-SYD
content-length
3172
expires
Mon, 23 Oct 2023 00:29:18 GMT
NDIS-royal-commission-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/09/NDIS-royal-commission-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52923fbd8b1f380954792b9d24d82c2b14c59ebe8718689322afc43526c2bcd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 Sep 2023 00:34:20 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=3288, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d4aa7ef-SYD
content-length
2769
expires
Mon, 23 Oct 2023 00:48:58 GMT
black-one-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/09/black-one-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff52648b0892f3c55fec9d677eec117c3177feabf1b5bd9d7914b7fa7422b1c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 28 Sep 2023 00:38:52 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=3936, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d4ba7ef-SYD
content-length
3283
expires
Mon, 23 Oct 2023 00:44:14 GMT
bearing-gifts-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/bearing-gifts-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eb3fae0d7e995cb7915fa560bce32d166dfdb6f7db6aa210db1e745817ebacd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Oct 2023 03:50:55 GMT
server
cloudflare
age
209
cf-polished
degrade=85, origSize=18695, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d4ca7ef-SYD
content-length
17231
expires
Mon, 23 Oct 2023 00:53:37 GMT
eddie-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/eddie-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca0006614891e6894f90f9554a22357a4b107f61b3c2e603ddbed42bc2a1b01

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 03:24:45 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=2812, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d4da7ef-SYD
content-length
2323
expires
Mon, 23 Oct 2023 00:44:14 GMT
Serbian-ultras-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Serbian-ultras-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c210dced3679813bf7aef99e23336e7c2b28dda407a42358cb0c45a1ed7d032

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Oct 2023 05:14:23 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=3603, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d4fa7ef-SYD
content-length
3443
expires
Mon, 23 Oct 2023 00:48:58 GMT
beckham-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/beckham-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b271755c20065434fe7d35e0e5a477a14b649a38bbe78034aaffc7762f126f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 Oct 2023 04:36:42 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=2401, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d50a7ef-SYD
content-length
1933
expires
Mon, 23 Oct 2023 00:44:14 GMT
roo-poo-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/roo-poo-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35559f5e93bdccb8d959fdf5fbda126de7acb2263649eaa210b28055eb495dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 06 Oct 2023 03:08:40 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=3508, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d51a7ef-SYD
content-length
2963
expires
Mon, 23 Oct 2023 00:44:14 GMT
Queensland-suffer-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Queensland-suffer-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
664bcdcd633cfe1700f9869f4c1d642de23ab2fbf99d28fe0c4abd80acf4cc71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 03:22:37 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=3573, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d53a7ef-SYD
content-length
2993
expires
Mon, 23 Oct 2023 00:44:14 GMT
Peter-Dutton-kamikaze-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Peter-Dutton-kamikaze-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a4f2225ba4053652a4f745e9b28c84d37a84e92c5d363a758457d1bfa6da22

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Oct 2023 02:48:54 GMT
server
cloudflare
age
1198
cf-polished
degrade=85, origSize=13519, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d56a7ef-SYD
content-length
12010
expires
Mon, 23 Oct 2023 00:37:08 GMT
Parliament-House-plumber-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Parliament-House-plumber-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e2d2dc8b1909f31330c3932c2b921577d3da4e0130f292a07f3131ddd34485

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Oct 2023 02:50:32 GMT
server
cloudflare
age
959
cf-polished
degrade=85, origSize=4895, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d57a7ef-SYD
content-length
4295
expires
Mon, 23 Oct 2023 00:41:07 GMT
shutterstock_1868703556-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/shutterstock_1868703556-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7d2a9bfe9ac282d92273c5c5d55b7c16ad2a07a8c3cbf22f446e9f8dbcb1f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 23:05:38 GMT
server
cloudflare
age
209
cf-polished
degrade=85, origSize=11683, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d58a7ef-SYD
content-length
10229
expires
Mon, 23 Oct 2023 00:53:37 GMT
drunken-bloke-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/drunken-bloke-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aead40a33b41b4efc902af7dceff5eb6ed1e2c436c2657850d1b9b3de65b4099

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 05:08:44 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=8226, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d5aa7ef-SYD
content-length
7579
expires
Mon, 23 Oct 2023 00:48:07 GMT
Mining-industry-voice-to-parliament-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Mining-industry-voice-to-parliament-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6dde364cc68f0831c481943cdc868017f24e916a5c41f1747b9636273cfda0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 11 Oct 2023 23:31:54 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=8570, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d5ca7ef-SYD
content-length
7779
expires
Mon, 23 Oct 2023 00:48:07 GMT
midwives-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/midwives-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18ab7f9b2e5f7ea90d96e19784c93f2c61bb63d56ac6f138e9e634bbf3b0fec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 11 Oct 2023 04:01:19 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=10598, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d5da7ef-SYD
content-length
9575
expires
Mon, 23 Oct 2023 00:48:07 GMT
shutterstock_1283698663-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/shutterstock_1283698663-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ab78fc12c45e5e87ded01e3c38d555d0c12294a70f1d8aed2d22cd8119c78a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Oct 2023 04:41:05 GMT
server
cloudflare
age
1185
cf-polished
degrade=85, origSize=6990, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d5ea7ef-SYD
content-length
6321
expires
Mon, 23 Oct 2023 00:37:21 GMT
Screen-Shot-2023-10-13-at-10.55.33-am-218x150.png
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/Screen-Shot-2023-10-13-at-10.55.33-am-218x150.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c2c2c777394420e707d7a1c19ae1dcd1926f5bc867c8271c73a90425aca730

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 23:55:53 GMT
server
cloudflare
age
539
cf-polished
origSize=56863, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d5fa7ef-SYD
content-length
50265
expires
Mon, 23 Oct 2023 00:48:07 GMT
eat-pray-love-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/eat-pray-love-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e84ca05042121bc17e996460342d5f49f5afa5ca877e0055bdefff099aff425

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 06:32:55 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=9710, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d61a7ef-SYD
content-length
8845
expires
Mon, 23 Oct 2023 00:48:07 GMT
shutterstock_1112530754-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/shutterstock_1112530754-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b0ff4b4a981b3e9fffbb84f18d1d74289633194ab15a04c47ceb29973c9f7e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 05:51:56 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=8303, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d62a7ef-SYD
content-length
7518
expires
Mon, 23 Oct 2023 00:48:07 GMT
emotionally-battered-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/emotionally-battered-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87834a3e4813e502cbc8245782e92f5b2002e06fb09232e62ee409c3e82781c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 05:45:19 GMT
server
cloudflare
age
454
cf-polished
degrade=85, origSize=9020, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d64a7ef-SYD
content-length
8156
expires
Mon, 23 Oct 2023 00:49:32 GMT
pffft-218x150.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/pffft-218x150.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23eec7b30249ab99e76f351542d008faa6a26dc03a6abc484df23453f5a94fec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 04:43:35 GMT
server
cloudflare
age
539
cf-polished
degrade=85, origSize=10672, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d65a7ef-SYD
content-length
9734
expires
Mon, 23 Oct 2023 00:48:07 GMT
berliner-324x235.jpg
www.betootaadvocate.com/wp-content/uploads/2023/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/10/berliner-324x235.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc5f88d4de785d1949d532002c28a8534385d8dcf7b35019dfa3ace764cb9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Oct 2023 01:54:00 GMT
server
cloudflare
age
1456
cf-polished
degrade=85, origSize=20507, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d67a7ef-SYD
content-length
18721
expires
Mon, 23 Oct 2023 00:32:50 GMT
chalamat-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/09/chalamat-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d091fb725b5b5b4a9a247d260d9892afda2690843b92f8e713451a97e472e92

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 08 Sep 2023 03:07:41 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=3579, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d69a7ef-SYD
content-length
3029
expires
Mon, 23 Oct 2023 00:44:14 GMT
dc6hipkins-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/dc6hipkins-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35466f839c13a4021cec4143cba267ba28880a05d5643a18916ad09f5654d0a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 28 Aug 2023 07:11:32 GMT
server
cloudflare
age
1668
cf-polished
degrade=85, origSize=2897, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d6aa7ef-SYD
content-length
2413
expires
Mon, 23 Oct 2023 00:29:18 GMT
carrie-new-york-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/carrie-new-york-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ea841400eabc144febb3b627aa518c0e05487165ed4b0fc14767962be595d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Aug 2023 01:02:51 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=3613, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d6ba7ef-SYD
content-length
3072
expires
Mon, 23 Oct 2023 00:48:58 GMT
japanese-embassy-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/japanese-embassy-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e94548097a6e8f312c6fd690fa13f678ea6fea44c125039b0ab235e6983d93c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 10 Aug 2023 05:43:07 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=2967, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d6ca7ef-SYD
content-length
2480
expires
Mon, 23 Oct 2023 00:44:14 GMT
usa-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/usa-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72106031e295659b42808c4d806071f80d95b5ec63d4f1e14fb3799f7ec4cd19

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 07 Aug 2023 04:52:28 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=4147, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d6ea7ef-SYD
content-length
3500
expires
Mon, 23 Oct 2023 00:48:58 GMT
Lizzbian-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/08/Lizzbian-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c35c5deb2310a1020090096d759e8b8a98e5c4c19d147881d234aa0643ff24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 02 Aug 2023 01:31:36 GMT
server
cloudflare
age
1668
cf-polished
degrade=85, origSize=3363, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d6fa7ef-SYD
content-length
2827
expires
Mon, 23 Oct 2023 00:29:18 GMT
markymark-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/07/markymark-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6c150af6f0ce27fdbef6f8e369023bdde241b441afae270693122914bcc50f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jul 2023 06:24:25 GMT
server
cloudflare
age
1668
cf-polished
degrade=85, origSize=3181, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d70a7ef-SYD
content-length
2624
expires
Mon, 23 Oct 2023 00:29:18 GMT
piers-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/07/piers-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de4c25b3979875eac99e2816b0675fac41b2f10f4286265801215e997d765bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jul 2023 05:30:50 GMT
server
cloudflare
cf-polished
degrade=85, origSize=2908, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d71a7ef-SYD
content-length
2440
expires
Mon, 23 Oct 2023 00:57:06 GMT
ashes-1-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/07/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/07/ashes-1-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d388e42955086ee0256d12a7cb6c7d3e253d3107dc7292c0b88cd9e4d65d31a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Jul 2023 23:52:14 GMT
server
cloudflare
age
488
cf-polished
degrade=85, origSize=2858, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d72a7ef-SYD
content-length
2418
expires
Mon, 23 Oct 2023 00:48:58 GMT
albo-100x70.jpg
www.betootaadvocate.com/wp-content/uploads/2023/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/07/albo-100x70.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
608479402f9a9c10758fa4718f5159928520f0354f3859d72cadd8b90590bc03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jul 2023 06:54:00 GMT
server
cloudflare
age
772
cf-polished
degrade=85, origSize=3230, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d74a7ef-SYD
content-length
2758
expires
Mon, 23 Oct 2023 00:44:14 GMT
Betoota-Advocate-Black-in-Red-Footer-Mark.svg
www.betootaadvocate.com/wp-content/uploads/2018/07/ 		27 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Advocate-Black-in-Red-Footer-Mark.svg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da4fada3595750f81fdaa0208de38c9526ed2e992e3d9493b8ce5cec75626c30

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 01 Jul 2018 23:58:25 GMT
server
cloudflare
age
712
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a5d76a7ef-SYD
content-length
13818
expires
Mon, 23 Oct 2023 00:45:14 GMT
/
js.stripe.com/v3/ 		542 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/?ver=2.33.2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-83.syd1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
46b9c946d5cc06a76dc2622f8fc4cbea06af1fbf3d9aadbede5a3a8cb3a8a714
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 00:56:55 GMT
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
12
x-cache
Hit from cloudfront
last-modified
Sat, 14 Oct 2023 00:49:21 GMT
server
Cloudfront
etag
W/"2c8506ed62db7c163dafec765b34b823"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
-d5JPCBMkK2VTbVqG_mrhUsAs9xe-JIF3snvfmAT17CqQt4pTBzFSQ==
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		246 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/give/assets/dist/js/give-stripe.js,wp-includes/js/dist/vendor/wp-polyfill-inert.min.js,wp-includes/js/dist/vendor/regenerator-runtime.min.js,wp-includes/js/dist/vendor/wp-polyfill.min.js,wp-includes/js/dist/hooks.min.js,wp-includes/js/dist/i18n.min.js,wp-content/plugins/give/assets/dist/js/give.js,wp-content/plugins/give/assets/dist/js/give-donation-summary.js,wp-content/plugins/give-stripe/assets/dist/js/give-stripe-payment-request.js,wp-includes/js/underscore.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a02e6122bdf996f96119d55a826c29725e0d9e8fd4c28bef941a78ea549af6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 01:34:42 GMT
server
cloudflare
age
1668
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=86400
cf-apo-via
tcache
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a2d0fa7ef-SYD
content-length
80750
expires
Tue, 17 Oct 2023 00:29:18 GMT
/
www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/ 		543 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js,wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js,wp-includes/js/comment-reply.min.js,wp-content/themes/betootaadvocate/lib/js/ba.min.js,wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js,wp-content/plugins/instagram-feed/js/sbi-scripts.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f858c1a94ec5d7ebc46acd4254265e5300514ca8817cdc19dd973cc91aca65b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 06 Oct 2023 06:14:08 GMT
server
cloudflare
age
1668
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=86400
cf-apo-via
tcache
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588a4d2da7ef-SYD
content-length
131938
expires
Tue, 17 Oct 2023 00:29:18 GMT
connatix.playspace.js
cd.connatix.com/ Frame 1976 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js?cid=a821a8e3-bc2e-4dbf-9d9a-469b20b5afbc
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374783ba32e3b6c017c3b6b5e62415acc413d049612f62be0130a1005dbf3a26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
816c588a8ad2a96d-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
embed
omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/ Frame D168 		384 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bea587558295b681d6c676693313e054b122f81e85eb29b875ea6f68a0868f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=120
cf-cache-status
HIT
cf-ray
816c588cfa41a980-SYD
content-encoding
br
content-security-policy
default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:07 GMT
etag
W/"pt8actediz8f9y"
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
Betoota_Generic_HomePageBanner.jpg
www.betootaadvocate.com/wp-content/uploads/2023/06/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2023/06/Betoota_Generic_HomePageBanner.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fe62006eb24f633f53a11d09f19a42e22c7ce960ec2b3f471226fdb5bce3235

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Jun 2023 23:40:06 GMT
server
cloudflare
age
1456
cf-polished
degrade=85, origSize=533023, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588adddfa7ef-SYD
content-length
190008
expires
Mon, 23 Oct 2023 00:32:51 GMT
Betoota-Podcast-Banner.png
www.betootaadvocate.com/wp-content/uploads/2018/07/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/07/Betoota-Podcast-Banner.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dea00bf10e0e94309b80e6e574a91e18712ade7cbf6107b42093cf60c74f782

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 02 Jul 2018 04:37:02 GMT
server
cloudflare
age
1456
cf-polished
origSize=197454, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588adde0a7ef-SYD
content-length
169738
expires
Mon, 23 Oct 2023 00:32:51 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
cloudflare
age
57324
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588aede3a7ef-SYD
content-length
27120
KFOmCnqEu92Fr1Mu4mxK.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
cloudflare
age
1115748
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588aede4a7ef-SYD
content-length
15744
newspaper.woff
www.betootaadvocate.com/wp-content/themes/Newspaper/images/icons/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?221
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/instagram-feed/css/sbi-styles.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/give/assets/dist/css/give-donation-summary.css,wp-content/plugins/give-recurring/assets/css/give-recurring.min.css,wp-content/plugins/td-composer/td-multi-purpose/style.css,wp-content/themes/betootaadvocate/style.css,wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css,wp-content/themes/Newspaper/style.css,wp-content/themes/betootaadvocate/lib/css/ba.css,wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805

Request headers

Referer
https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/instagram-feed/css/sbi-styles.min.css,wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/give/assets/dist/css/give-donation-summary.css,wp-content/plugins/give-recurring/assets/css/give-recurring.min.css,wp-content/plugins/td-composer/td-multi-purpose/style.css,wp-content/themes/betootaadvocate/style.css,wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css,wp-content/themes/Newspaper/style.css,wp-content/themes/betootaadvocate/lib/css/ba.css,wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Tue, 25 Jul 2023 03:58:08 GMT
server
cloudflare
age
1458
vary
User-Agent, Accept-Encoding
content-type
font/woff
cache-control
max-age=1800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588aede5a7ef-SYD
content-length
33488
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
cloudflare
age
1018
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588aede6a7ef-SYD
content-length
15920
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/opensans/v36/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
cloudflare
age
1132
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588aede7a7ef-SYD
content-length
48432
S6uyw4BMUTPHjx4wXg.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
cloudflare
age
1018
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588aede9a7ef-SYD
content-length
23580
S6u9w4BMUTPHh6UVSwiPGQ.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
cloudflare
age
1018
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588aedeaa7ef-SYD
content-length
23040
buy-button-storefront.min.js
sdks.shopifycdn.com/buy-button/latest/ 		366 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.173.20 , Sweden, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf41f73936eefaed7c45ed6df28b056c2e1f7b44b0ffe63d56d07d081cf7f428
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
2955
content-encoding
br
server-timing
imagery;dur=263.264, imageryFetch;dur=263.034, cfRequestDuration;dur=9.000063
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
323fc645-10d9-43d0-83c0-834982a757a1
last-modified
Sun, 15 Oct 2023 20:47:47 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hXPuTjCgQ93u61wDXfXNgB1qp6xRCvGNCRQjX678SvYfNE7naAx3yGSL1ORlCa%2BqyhZzUl5wTwSIAdZzynd65mPGdU5FjVbzOJ1wqE6hOFaPyBR61EeMFg9ox9yNj5eU4jN93M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
timing-allow-origin
*
link
<https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js>; rel="canonical"
cf-ray
816c588b4f7ba888-SYD
BG-Newsletter.jpg
www.betootaadvocate.com/wp-content/uploads/2018/06/ 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.betootaadvocate.com/wp-content/uploads/2018/06/BG-Newsletter.jpg
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd84760f0d592333d5d12f51a4ca2b38b77c81e71fad2fa3c0f83a9701275bee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Thu, 28 Jun 2018 10:23:16 GMT
server
cloudflare
age
1456
cf-polished
degrade=85, origSize=253692, status=vary_header_present
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588b6e85a7ef-SYD
content-length
142091
expires
Mon, 23 Oct 2023 00:32:51 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Apr 2022 15:45:46 GMT
server
cloudflare
age
57324
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588b7e87a7ef-SYD
content-length
27976
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

Referer
https://www.betootaadvocate.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
age
1048005
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=1800
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
816c588b9ea5a7ef-SYD
content-length
15860
2980
cdn-header-bidding.snack-media.com/assets/js/snack-loader/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=9
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 / PHP/8.2.7
Resource Hash
7acfe1349d1f2ebea60d0a2c9278f4235595740d286d10e6ed91d8ee0f0533fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cdn-edgestorageid
1151
x-powered-by
PHP/8.2.7
cdn-cachedat
10/16/2023 00:18:39
cdn-pullzone
145563
server
BunnyCDN-SYD1-1151
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
cf85643b-ef61-4e40-8871-e5ff38046499
cache-control
public, max-age=3600
cdn-requestid
99b473f7751e5916d2dac35b1256cacd
cdn-requestcountrycode
AU
link
<https://header-bidding.snack-media.com/wp-json/>; rel="https://api.w.org/"
cdn-status
200
expires
Mon, 16 Oct 2023 00:57:13 GMT
produce
monorail-edge.shopifysvc.com/v1/ 		0
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.57.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
242.57.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
via
1.1 google
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
fa5f4717-dad3-4f18-bbdd-4e60d9b1ec98
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 12:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5480
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 12:59:21 GMT
wp-emoji-release.min.js
www.betootaadvocate.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 03:37:21 GMT
server
cloudflare
age
1018
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
816c588c5f6fa7ef-SYD
content-length
5744
expires
Mon, 23 Oct 2023 00:40:09 GMT
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 5B88 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=2.33.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-83.syd1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3237
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:03:11 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Mon, 09 Oct 2023 20:07:21 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-cf-id
FHSWzEeVCfDqeOEnXMl0fza8CDG7m9N9lvGIhynKbaHDgoqZBebIcg==
x-amz-cf-pop
SYD1-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
admin-ajax.php
www.betootaadvocate.com/wp-admin/ 		336 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.betootaadvocate.com/wp-admin/admin-ajax.php
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/jquery/jquery.min.js,wp-content/plugins/give-recurring/assets/js/give-recurring.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.21.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00fc21fd70d52ae4d157e55768305f75110de0d445f53404461fbd6bbaf70f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.betootaadvocate.com/
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache
cache,platform=wordpress
date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, must-revalidate, max-age=0, no-store
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex
cf-ray
816c588c7fc2a7ef-SYD
expires
Wed, 11 Jan 1984 05:00:00 GMT
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 5B88 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-83.syd1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:04:51 GMT
x-content-type-options
nosniff
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
3137
x-cache
Hit from cloudfront
content-length
631
last-modified
Mon, 09 Oct 2023 20:07:19 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Ymh3ZfXYJ_hbaNMwwCBgNFp4Si51r1OC6h5vLNYigyRx28EbLj0w4w==
csp-report
q.stripe.com/ Frame 5B88 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697417827671089
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697417827670518
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5B88 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697417827670981
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697417827670533
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 22:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 22:43:40 GMT
inner.html
m.stripe.network/ Frame CB56 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-111.syd1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
112
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:55:16 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
x-amz-cf-id
BgniIPLA7UMfcdhiKNjGDgMGYADQHOyEud0jhAJUHhQQnQijZ1lCig==
x-amz-cf-pop
SYD1-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
choice.js
cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
Requested by
Host: widgets.snack-projects.co.uk
URL: https://widgets.snack-projects.co.uk/gdpr/snack-cmp_v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b0985500e3236a84c73680579f8da40d6f7505d40f43727bbb9663d22e46df4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
via
1.1 7deef1b127ef20298bc2b899e7c84e4a.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 23:29:29 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C2
age
1
x-amz-server-side-encryption
AES256
etag
W/"8ee0efc1d0e23f021a63324ce2c19f17"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
W879b2IO4B28YOMhqNiXzsO8-zr__cxsC6uh16odABHpcJFVe-JNXQ==
704ed1af0f526450.css
omny.fm/_next/static/css/ Frame D168 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/css/704ed1af0f526450.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da215db3f2d474c22f8365302f29d5ba126a62461fafd34e9ebadeec97d9b150

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 16:56:22 GMT
server
cloudflare
age
3914755
etag
W/"3ab6-189d613fef0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e5baca980-SYD
alt-svc
h3=":443"; ma=86400
webpack-fcb3864af6f34abc.js
omny.fm/_next/static/chunks/ Frame D168 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/webpack-fcb3864af6f34abc.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2579d24c31ffb85fbc6b65cc3e0d7dd72c0e3542379483e54c88b0190e9ef49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137308
etag
W/"1183-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e5bafa980-SYD
alt-svc
h3=":443"; ma=86400
framework-e80d50c86cecd1b2.js
omny.fm/_next/static/chunks/ Frame D168 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/framework-e80d50c86cecd1b2.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
450b99a8f26cbeda4af46867bebc233cc126e696e321b8ba9a4d2e2e2d31dc63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
1047333
etag
W/"226d4-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bcda980-SYD
alt-svc
h3=":443"; ma=86400
main-9fc6e3eef03d2e7f.js
omny.fm/_next/static/chunks/ Frame D168 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/main-9fc6e3eef03d2e7f.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f9143eae1d071e0ae1e1d309264929ca1e1f86cf37b1d21bb60f6b4468340f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137308
etag
W/"26216-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bcea980-SYD
alt-svc
h3=":443"; ma=86400
_app-06c26f6bf6efc924.js
omny.fm/_next/static/chunks/pages/ Frame D168 		624 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/_app-06c26f6bf6efc924.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ade1fae800847f7cf96a29237856bd7a4ea1892473a5e0c2aaba595955c103

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:50:30 GMT
server
cloudflare
age
253125
etag
W/"9c169-18b264c8170"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bcfa980-SYD
alt-svc
h3=":443"; ma=86400
6065-67afd97643376f2e.js
omny.fm/_next/static/chunks/ Frame D168 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/6065-67afd97643376f2e.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b536ded558ccf7c84991908c01dfea31e4a894e52f68356583027d78d35c706

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137308
etag
W/"c317-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd0a980-SYD
alt-svc
h3=":443"; ma=86400
8226-9755d9a83ee9ed50.js
omny.fm/_next/static/chunks/ Frame D168 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8226-9755d9a83ee9ed50.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbf6d8d0202c8d7545af100b9865c2341c333220735bebbb8c243430300e46d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
141122
etag
W/"3fd3-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd1a980-SYD
alt-svc
h3=":443"; ma=86400
7367-3ffbc007cf043124.js
omny.fm/_next/static/chunks/ Frame D168 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/7367-3ffbc007cf043124.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68f9878ec0d1bcae87fa4f7c68767acd4058ec2107e4105646c87aee8334e936

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137308
etag
W/"294c-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd2a980-SYD
alt-svc
h3=":443"; ma=86400
4632-819a2caabbb560a3.js
omny.fm/_next/static/chunks/ Frame D168 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4632-819a2caabbb560a3.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0f04de453c30ecdd35b7f19f279f888a0146540947582b180d47f1939516536

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:50:30 GMT
server
cloudflare
age
253122
etag
W/"2e63-18b264c8170"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd4a980-SYD
alt-svc
h3=":443"; ma=86400
4715-9e01c9c1cc6f75b4.js
omny.fm/_next/static/chunks/ Frame D168 		107 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4715-9e01c9c1cc6f75b4.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b91c17ed7e0f30dbe51f85b27c376b5d1c509ffae03a73d97583d49696490a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:50:30 GMT
server
cloudflare
age
253122
etag
W/"1ab94-18b264c8170"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd5a980-SYD
alt-svc
h3=":443"; ma=86400
8743-096c1b7b8d2a0fa2.js
omny.fm/_next/static/chunks/ Frame D168 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8743-096c1b7b8d2a0fa2.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73756a678e8e2a8aa4c3ebec6843b379474c1ecb7bd3124f879157141746475

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137306
etag
W/"ac2-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd6a980-SYD
alt-svc
h3=":443"; ma=86400
3375-7a10121d83385013.js
omny.fm/_next/static/chunks/ Frame D168 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/3375-7a10121d83385013.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0c2016ec4207a1f68ae53cf67bbd0102e37c451bac9483123aaf2a36b71d5b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137306
etag
W/"373f-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd7a980-SYD
alt-svc
h3=":443"; ma=86400
embed-1009b890646ad060.js
omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/ Frame D168 		448 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/embed-1009b890646ad060.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe874c7392bb5beeed5f6b8d017692c5cbc7c540a3582987d83614ec9be2e15

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 06:14:48 GMT
server
cloudflare
age
2137306
etag
W/"1c0-18ab6606fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd8a980-SYD
alt-svc
h3=":443"; ma=86400
_buildManifest.js
omny.fm/_next/static/GwgShPwH7hrsarPQ9pLlr/ Frame D168 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/GwgShPwH7hrsarPQ9pLlr/_buildManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699d6786cba8479229fa412a5b6347e5eedc69308bd776a815b77bd1a443dd3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:50:08 GMT
server
cloudflare
age
253118
etag
W/"1102-18b264c2b80"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bd9a980-SYD
alt-svc
h3=":443"; ma=86400
_ssgManifest.js
omny.fm/_next/static/GwgShPwH7hrsarPQ9pLlr/ Frame D168 		77 B
130 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/GwgShPwH7hrsarPQ9pLlr/_ssgManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 23:50:08 GMT
server
cloudflare
age
253125
etag
W/"4d-18b264c2b80"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
816c588e7bdaa980-SYD
alt-svc
h3=":443"; ma=86400
image.jpg
www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/ Frame D168
Redirect Chain
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/d9c7e2fa-32ae-4309-bea8-b09c005a0bae/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4...
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Server
99.84.203.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-203-101.lax3.r.cloudfront.net
Software
cloudflare /
Resource Hash
e22a50c334577787dd805c6fec9388d7001fd7bd4a0b92179e39b62b0179edb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 00:45:04 GMT
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LAX3-C3
age
2333524
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22234
cf-bgj
h2pri
last-modified
Thu, 19 Jan 2023 23:19:47 GMT
server
cloudflare
etag
"0x8DAFA73A7D63E7A"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
808dcdc55e28229f-SJC
x-amz-cf-id
DpXkJhEvPEZD0VvfFtWz9s__YWnpCTJpdWgdSFkShaCMAPxqNuqxeg==

Redirect headers

date
Mon, 16 Oct 2023 00:56:33 GMT
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
server
cloudflare
x-amz-cf-pop
LAX3-C3
age
35
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-origin
*
location
/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Small&t=1674168181
cache-control
public, max-age=60
cf-ray
816c57bb2c82cf0d-SJC
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
3-TmYYyJn3lXT7oWQQMIBxOuDC5FU0AAMc6YFvmlDZBva_MZxdxcSA==
image.jpg
www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/ Frame D168
Redirect Chain
  • https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/d9c7e2fa-32ae-4309-bea8-b09c005a0bae/image.jpg?t=1674168181&in_playlist=5f80b78c-7adf-4...
  • https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-betoota-advocate-podcast/playlists/podcast/embed?share=0&download=0&description=0&follow=0&playlistimages=0&playlistshare=1&foreground=f5f2f5&background=232831&highlight=232831
Protocol
H2
Server
99.84.203.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-203-101.lax3.r.cloudfront.net
Software
cloudflare /
Resource Hash
3d230ded0d47548eca5bdbda2107399f501a5c06e2cdd900f449fee17541ee76

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 00:45:04 GMT
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LAX3-C3
age
2338363
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2768
cf-bgj
h2pri
last-modified
Tue, 24 Jan 2023 11:00:19 GMT
server
cloudflare
etag
"0x8DAFDFA2EE2AEE8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
808dcdc57e3915d8-SJC
x-amz-cf-id
eQmdGXkGemXXtAg8WcsBcpY-jgU_gRJfT2PNzSj9j5H8NSOLvAGnzA==

Redirect headers

date
Mon, 16 Oct 2023 00:56:17 GMT
via
1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
server
cloudflare
x-amz-cf-pop
LAX3-C3
age
51
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-origin
*
location
/d/playlist/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/5f80b78c-7adf-4b90-abed-af8f01765c4d/image.jpg?size=Thumbnail&t=1674168181
cache-control
public, max-age=60
cf-ray
816c5752ed2f9441-SJC
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
vGcK_yHkYz9asaMkTQgNGSt1-mVUfZ0Lz40StL1D72hFXbogb8PFTw==
open-sans-latin-600-normal.0270e39b.woff2
omny.fm/_next/static/media/ Frame D168 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-600-normal.0270e39b.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/704ed1af0f526450.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134

Request headers

Referer
https://omny.fm/_next/static/css/704ed1af0f526450.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
3914797
etag
W/"419c-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
816c588eac0da980-SYD
alt-svc
h3=":443"; ma=86400
content-length
16796
open-sans-latin-700-normal.58fa2153.woff2
omny.fm/_next/static/media/ Frame D168 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-700-normal.58fa2153.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/704ed1af0f526450.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Request headers

Referer
https://omny.fm/_next/static/css/704ed1af0f526450.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
27555522
etag
W/"3fe8-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
816c588eac0ea980-SYD
alt-svc
h3=":443"; ma=86400
content-length
16360
open-sans-latin-400-normal.abd3eb12.woff2
omny.fm/_next/static/media/ Frame D168 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-400-normal.abd3eb12.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/704ed1af0f526450.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Request headers

Referer
https://omny.fm/_next/static/css/704ed1af0f526450.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
27555526
etag
W/"4150-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
816c588eac0fa980-SYD
alt-svc
h3=":443"; ma=86400
content-length
16720
js
www.googletagmanager.com/gtag/ 		225 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4ZLLC2NYSG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56468053-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
31c43209cf08c259d5905088dec284224a18adf88856d22565475ea555c6ce31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80973
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Oct 2023 00:57:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-56468053-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 00:12:03 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2705
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Oct 2023 02:12:03 GMT
/
o479328.ingest.sentry.io/api/6149200/envelope/ Frame D168 		2 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o479328.ingest.sentry.io/api/6149200/envelope/?sentry_key=26e057be21a84efb8189b730ef099727&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.35.0
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-06c26f6bf6efc924.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://omny.fm/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
css
fonts.googleapis.com/ Frame 5FE2 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
0c7a2b95686c14f42fff7ea82f42957f1f42fb9ab76eb3d9d899a0dce4333285
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:57:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:57:08 GMT
waveform
www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/d9c7e2fa-32ae-4309-bea8-b09c005a0bae/ Frame D168 		14 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.omnycontent.com/d/clips/d3d56d8d-11c9-411a-aade-af8f001be4a7/9f15e84a-d445-453a-8af2-af8f01765c36/d9c7e2fa-32ae-4309-bea8-b09c005a0bae/waveform?t=1697347785&token=TuvIGnuj0W7Xo0XxaL5L3LbBhfbqSllU
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-06c26f6bf6efc924.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.203.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-203-101.lax3.r.cloudfront.net
Software
cloudflare /
Resource Hash
1852ef3555966311ab29f605ea10c4bb398df5b14769f7db8f97be90f2dc5858

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:02:57 GMT
content-encoding
br
via
1.1 89a4ab78825672db6312480622f560a0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
LAX3-C3
age
21251
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 15 Oct 2023 05:29:45 GMT
server
cloudflare
etag
W/"0x8DBCD3FBDBE8B1B"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=5184000
cf-ray
816a51c38fa616a2-SJC
x-amz-cf-id
l8oBHDC0G8Snx2YmPMTrNyziw0fdIIg3N0jf1qQuxrY_3c_NePESmw==
styles.css
a.mailmunch.co/app/v1/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/styles.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:03:19 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
118429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 12 Oct 2023 13:37:36 GMT
server
AmazonS3
etag
"2d0ee7991ba0af7c6998c43890c39369"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
ZuH9L8b3LlAcvaclblpoirRMmif4PTf5569zXbXEk2RRoWNUixkDKA==
103219
forms.mailmunch.co/sites/ 		130 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.mailmunch.co/sites/103219
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.204.242.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-242-176.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
c0d9da2fa45f8030b01b43e0ba489d55d5e4c9ed0124fd437a780b981b1bda94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:08 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Powered-By
Express
Connection
keep-alive
Content-Length
130
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1697417828&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=qpoBlLjbqZeEqYC8OWo188nyJx56gUxJTfl9bbg6b0Q%3D
X-Mm-T
Server
Cowboy
Etag
W/"82-Yy9ipGoxPRshVBsQLkE/+x7TVv8"
Vary
Accept-Encoding
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1697417828&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=qpoBlLjbqZeEqYC8OWo188nyJx56gUxJTfl9bbg6b0Q%3D"}]}
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
csp-report
q.stripe.com/ Frame CB56 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697417827944175
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1697417827943607
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame CB56 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-111.syd1.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 16 Oct 2023 00:55:15 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
112
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
Vm_I4YVzO-AyiGXvqZ55zacnqN_NKdRi5lyEbBfP77_wiQKttT5wTw==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 23 Oct 2023 00:57:08 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.betootaadvocate.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/0Q_T1ja8r-Dkk/www.betootaadvocate.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77bcb4c37f64db9971f05424bd125a9d48fa46729effa3c90cfa90bd6d705bd2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:15:37 GMT
content-encoding
gzip
via
1.1 7deef1b127ef20298bc2b899e7c84e4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
2491
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Thu, 28 Sep 2023 19:02:47 GMT
server
AmazonS3
etag
W/"04d1a85b65b7e4c29bbd9bf3487f3854"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
ennt63SJ5XCSHDL8QrqSLaSk-fWSFDLGIH-euXtZuBogEf39czqI3w==
op.js
tagan.adlightning.com/valnet-snackmedia/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/op.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8df78a622d3bb2beeb96ec57808c0c1e711a14ccf1a3df971e21da2f561d33a4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
KHWXbQWsuH34ll281Qy9dvZAH6QSebEz
content-encoding
gzip
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 00:28:57 GMT
x-amz-cf-pop
SYD1-C1
age
1691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7047
x-amz-meta-git_commit
ef0aa10
last-modified
Fri, 13 Oct 2023 00:17:26 GMT
server
AmazonS3
etag
"952d9c5cd9ead9c5e8a103e5082121f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
P7eDNwSvVmcmXw8GJkQORuOeRrjZxgL6HSF1P-cbCizS-SbobrxX5Q==
d280555d-43c9-4617-8a74-e00bdddc2217
boot.pbstck.com/v1/tag/ 		3 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52ed4fb54c0ac3e3adec10f593ffa691a785d2d72c100f6afb29ba38ad37822

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
timing-allow-origin
*
cf-ray
816c58924f3ba7f9-SYD
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
7a06a8ebef7061b6c6f768f520d5b98b7a0830c3c3517b3e4f9a99767cf15a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29780
x-xss-protection
0
server
cafe
etag
804 / 19646 / 31078750 / config-hash: 16770446656291207178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 00:57:08 GMT
prebid-8.6.0-std_v3.js
cdn-header-bidding.snack-media.com/assets/js/ 		489 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/snack-loader/2980?cb=9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
7cc3f5c2779a9f7886d1138b000c3b2f304428dcc74a9623237142f9795bf827

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
br
cdn-edgestorageid
1151
cdn-cachedat
10/16/2023 00:57:03
cdn-pullzone
145563
last-modified
Thu, 05 Oct 2023 09:19:26 GMT
server
BunnyCDN-SYD1-1151
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"7a2b3-606f49ed4d2be"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
cf85643b-ef61-4e40-8871-e5ff38046499
cache-control
max-age=30
cdn-requestid
383fd6299e3cdcf58bf42639c596b18f
cdn-requestcountrycode
AU
cdn-status
200
expires
Mon, 16 Oct 2023 00:57:03 GMT
collect
www.google-analytics.com/g/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4ZLLC2NYSG&gtm=45je3ab0&_p=896130630&cid=65793330.1697417828&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1697417827&sct=1&seg=0&dl=https%3A%2F%2Fwww.betootaadvocate.com%2F&dt=The%20Betoota%20Advocate%20-%20Australia%27s%20Oldest%20And%20Favourite%20Newspaper&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZLLC2NYSG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-ef0aa10-269dfc27.js
tagan.adlightning.com/valnet-snackmedia/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fed462ba5f158bfc40e78b0f100ffb6768965b63918853a56a980b293313527b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 17:12:33 GMT
content-encoding
gzip
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-version-id
MuITPnSOJ5ofabNjUgFbEAQ1VHuaPTfX
x-amz-cf-pop
SYD1-C1
age
632674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28139
x-amz-meta-git_commit
ef0aa10
last-modified
Tue, 19 Sep 2023 17:12:21 GMT
server
AmazonS3
etag
"b23e9b5271a340ca4f053d20d75af4b3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
GGqjBTuQd4DjqLS7_4QkA5kl8ThYgPUqKMMERpDO6qZHpctVq40FsA==
bl-34df212-52b7662b.js
tagan.adlightning.com/valnet-snackmedia/ 		51 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/bl-34df212-52b7662b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c2578a23a9cb035d58f7d90010a0b11922175f96ddfa589dc7510e0f439fa89

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:27:08 GMT
content-encoding
gzip
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-version-id
D.9jNg09NKQt0_krdmDpP9QBetVD0RGi
x-amz-cf-pop
SYD1-C1
age
261000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21994
x-amz-meta-git_commit
34df212
last-modified
Fri, 13 Oct 2023 00:17:06 GMT
server
AmazonS3
etag
"2e669175d9a3ca7b658211badddea5b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eTxSxgb4Cec6tFKvJBORvil69M3uRnWg809bdFWP4wetpH-pXjCkcQ==
6
m.stripe.com/ Frame CB56 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.147.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-147-169.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
dd29a94d8e4d6b76b18fff334bd1f11939aa6aa5b55261d62dce91c3ca0d7463
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 16 Oct 2023 00:57:08 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697417828362952
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1697417828362494
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
edgekit.min.js
cdn.edkt.io/7dDzS0/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/7dDzS0/edgekit.min.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ae79e9d258d8a5279ebb7b726485c5a74bab661c29617a3b2cc2d5e0741be191

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:45:13 GMT
content-encoding
gzip
age
36715
x-guploader-uploadid
ADPycdvW7csA-6VglXGB41stEyyxGT3nF90cNrienkS2dErIaxhysEKYlYJJLlc-xnnLaJq6W9LaY5QuEsYIZJxcK-K3Ug
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7874
last-modified
Thu, 12 Oct 2023 12:19:02 GMT
server
UploadServer
etag
"a788c0c3f02fac5a7afed43885252e4b"
x-goog-generation
1697113142485917
x-goog-hash
crc32c=4WvP5A==, md5=p4jAw/AvrFp6/tQ4hSUuSw==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7874
accept-ranges
bytes
expires
Mon, 16 Oct 2023 14:45:13 GMT
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1157662
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR7mfMhzJiIqpf8bEx6MeSz05ria6tXKnogfSHBQeDRJU7kDefJlQCwoUa%2BgTkkxQrL4586gTz3hs9b42x5%2BDpJf3ACrNi0GmFN%2Bosf2CO6LXHkqS%2FC58qSlproDibuk"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
816c58930ddfaaf3-SYD
fastlane.json
fastlane.rubiconproject.com/a/api/ 		338 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11106&site_id=118386&zone_id=2873482&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!snack-media.com,SNM_2980,1,,,&eid_pubcid.org=d7486357-ffae-4fa2-a1d4-5075871fa2b4%5E1&rf=https%3A%2F%2Fwww.betootaadvocate.com%2F&tg_i.domain=betootaadvocate.com&tg_i.page=https%3A%2F%2Fwww.betootaadvocate.com%2F&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=2b49b2eb328d99&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3739250111877783
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
38b70ed8c520a70155b264115c991e54a9aeca37b6ffd988ec82641be6d9f440

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		315 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11106&site_id=118386&zone_id=2873482&size_id=2&gdpr=0&rp_schain=1.0,1!snack-media.com,SNM_2980,1,,,&eid_pubcid.org=d7486357-ffae-4fa2-a1d4-5075871fa2b4%5E1&rf=https%3A%2F%2Fwww.betootaadvocate.com%2F&tg_i.domain=betootaadvocate.com&tg_i.page=https%3A%2F%2Fwww.betootaadvocate.com%2F&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=32bbb71743f022&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5782924993236735
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
009b1d256ae58a7c2b6d80c92be4faeb422e382c39479138995d37c7923e4c0f

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
315
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.36 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 16 Oct 2023 00:57:08 GMT
auction
tlx.3lift.com/header/ 		19 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.6.0&referrer=https%3A%2F%2Fwww.betootaadvocate.com%2F&tmax=3000&gdpr=false
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.251.207.23 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-207-23.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
accept-ch
sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
cde5a72da3572e4594e1b3b1747ccfced7d7973e4ca720e37bb91d7e5eddab71

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
an-x-request-uuid
d9ad6e5f-c1c6-417e-a3a4-b4d538ec56ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
48796da3f7da8b306e2026c33c14a749dd20df3a922a9ed35d8493c3808c44e4

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 00:57:07 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
230
content-length
4618
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=905384
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec6448b7aa7fbcc0f2a6bd60da1d59b4c1ed2884bc21f22044f16e4582331af

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0bOc5xqbFfvFkEuVHOODQfssqgyFNg6DEr%2FM5Fu2PKSSzYUETw8%2BjyIQzvDIkwNi7iNzG%2FgwupIBtOVuLsRE294yalTwr%2FA9YXyob37kWN3bLhrNcCax6aj92RkBk85aPEpyXgA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
816c58914dcda87a-SYD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
imp
g2.gumgum.com/hbid/ 		649 B
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1697417828038&to=-480&aun=div-gpt-ad-1667393323304-0&pubcid=d7486357-ffae-4fa2-a1d4-5075871fa2b4&t=be3eij5e&pi=2&gdprApplies=0&schain=1.0%2C1!snack-media.com%2CSNM_2980%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.betootaadvocate.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.6.0%22%7D&ogu=https%3A%2F%2Fwww.betootaadvocate.com%2F&ns=10240
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.112.79 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-112-79.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0113fa2d13f90be3c8bfa3eab75a2c17dc84e78665769d28128be5ae884ca2c7

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1697417828039
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.16.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-16-177.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
928b32acd96edf814334c8e140ab7f46b6a80f2891434a6e1d9a4ad3bb757597

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Mon, 16 Oct 2023 00:57:08 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
bid
s.seedtag.com/c/hb/ 		88 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
db18b4517a67f9ef230a1565e4c12259a82913da5e35cad3f64c787fa11a0e67

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
via
1.1 google
server
openresty
etag
W/"58-gPQfRs6ojM+joymVO2S16hMhaZM"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=896130630&t=pageview&_s=1&dl=https%3A%2F%2Fwww.betootaadvocate.com%2F&ul=en-us&de=UTF-8&dt=The%20Betoota%20Advocate%20-%20Australia%27s%20Oldest%20And%20Favourite%20Newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=619178998&gjid=2078808679&cid=65793330.1697417828&tid=UA-56468053-1&_gid=1733822277.1697417828&_r=1&gtm=457e3ab0&jsscut=1&z=25607912
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 5FE2 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:49:27 GMT
x-content-type-options
nosniff
age
281261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27120
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:49:27 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 5FE2 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%7COpen+Sans%7COpen+Sans%7COpen+Sans%7COpen+Sans%7CLibre+Baskerville%7COpen+Sans%7COpen+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 17:51:42 GMT
x-content-type-options
nosniff
age
111926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 17:51:42 GMT
index.html
cdn.edkt.io/check/ Frame 4FCF 		163 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/check/index.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3de06d17189e15796e7e8f2640a21b655c2d1562e0fdb88df501f9f3138ad42b

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
163
content-type
text/html
date
Sun, 15 Oct 2023 14:57:32 GMT
etag
"47b2c3a6d225cdc377a1def2926ff28f"
expires
Mon, 16 Oct 2023 14:57:32 GMT
last-modified
Thu, 12 Oct 2023 12:19:15 GMT
server
UploadServer
x-goog-generation
1690295959061648
x-goog-hash
crc32c=WnJJJw== md5=R7LDptIlzcN3od7ykm/yjw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
163
x-guploader-uploadid
ADPycdskYxB-REH_SFMxuVJsDwmqqIWn3y5l0niMIzimTWd0_cyX6QSbSvkHuOUBbuvSsgQNtZOy19ZT6fPj3tqq7Qur9g
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56468053-1&cid=65793330.1697417828&jid=619178998&gjid=2078808679&_gid=1733822277.1697417828&_u=YADAAUAAAAAAACAAI~&z=759252964
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:57:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prober.html
cdn.edkt.io/check/ Frame 4FCF 		235 B
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/check/prober.html
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/check/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
38a94dca5d95c210a670a327db5f38030f7b42da54d7ee832a3dd77265b249a0

Request headers

Referer
https://cdn.edkt.io/check/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37317
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-length
235
content-type
text/html
date
Sun, 15 Oct 2023 14:35:11 GMT
etag
"a4b889b9bfd92bab5cf5d117cc7d6cd0"
expires
Mon, 16 Oct 2023 14:35:11 GMT
last-modified
Thu, 12 Oct 2023 12:19:15 GMT
server
UploadServer
x-goog-generation
1690295959055435
x-goog-hash
crc32c=WnrwwA== md5=pLiJub/ZK6tc9dEXzH1s0A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
235
x-guploader-uploadid
ADPycdskriMQwNr6H8n-0zUZV7h6HAQzw_ASpZJ5WhuBGFsiyWrxzWAPRgxm4SgJ5rn31HZ2ccVVTTwo5cQd5QMUt5YoQ-xBGlKZ
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/7dDzS0/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51254
x-xss-protection
0
server
cafe
etag
16068306037554946727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 00:57:08 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
816c58952ee45d32-SYD
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1157261
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FEMQxZd9mP%2FSGh1VoHf1VkTAhCCZtWEslxZHlwFNhscZCcW%2Fz%2BYwb4N5bXaMhUZZK93Cq2JK1HjPhes6VuG0HfYYPDxMbjhyuAMa%2FRO6xWZ31tzzrGCgVHYuiDqDhF7"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
816c589509c1aafb-SYD
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 10:18:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
52745
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134705
x-xss-protection
0
server
cafe
etag
4581834702576728701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 14 Oct 2024 10:18:03 GMT
index-monitoring-bbdc39c.js
cdn.pbstck.com/ 		183 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-monitoring-bbdc39c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802e9028483930a2cf1e6cc857183b4404451e72ec9e555845612bacdeec2490

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
SPZDV7Z21SXTJ6NC
age
2202223
alt-svc
h3=":443"; ma=86400
x-amz-id-2
D6yX7vkYPFDcPG/Eaduji+8AZT+Sxvwgu6WmuK3zRaM/2ofg5gkcAsLaOL9wHxpIHtRfPoUL52E=
last-modified
Wed, 13 Sep 2023 12:21:10 GMT
server
cloudflare
etag
W/"a84705dc4e55d0ff74ca5e1edefba3dd"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
816c58962a54aadb-SYD
index-refresh-bbdc39c.js
cdn.pbstck.com/ 		148 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/index-refresh-bbdc39c.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf9bb26263ea7f5b18ab30b3d6c86f7df14c3a0d97cb5a67eea10b485f4d338

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
SPZE4ZTMTKYCKWC2
age
2202223
alt-svc
h3=":443"; ma=86400
x-amz-id-2
nNS/Dzyp8eolaM7w1l8d6KFYz7/SgxrztIYTJ6y77/bs3N8AqMYxOj0OLgcT4c96n6PCEKd+0Yg=
last-modified
Wed, 13 Sep 2023 12:21:10 GMT
server
cloudflare
etag
W/"530f4687c9db064d9c81999237c5da8e"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
816c58962a55aadb-SYD
collector-d8cb7f0.js
cdn.pbstck.com/ 		61 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/collector-d8cb7f0.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d280555d-43c9-4617-8a74-e00bdddc2217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
JA3M91RMH4SES68S
age
577702
alt-svc
h3=":443"; ma=86400
x-amz-id-2
25vdjb9cKtiUXlRpdvchRuJm/BfI3JpO/1nj1XazWG0/Pec73Pv24ZZYyFXZQJzgEaizmadl7z0=
last-modified
Mon, 09 Oct 2023 08:15:49 GMT
server
cloudflare
etag
W/"73f689884b644651fd0ea2ef750b8713"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800, immutable
cf-ray
816c58962a51aadb-SYD
settings-1697338717.json
a.mailmunch.co/forms-cache/103219/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/settings-1697338717.json
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00ee00f0f4f9549ecce8c62f0e21c14ed7214ea7cd45629532811e1ec1f24c6d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 02:58:46 GMT
content-encoding
gzip
via
1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
79103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 15 Oct 2023 02:58:44 GMT
server
AmazonS3
etag
W/"d366a33fd8f8b3fb289092183d7713c5"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
S7tEXHC-pSLo9Og5Npm3Rw1qyd-2mRzNQ5ateI0l2pIiE3lZFh4Emg==
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-111.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:10:13 GMT
content-encoding
gzip
via
1.1 e677c49086c9d85b00b0230e47b36ec0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
20817
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
NQMX9gHNKYMYSFfZ_755EfCsoLsxSg6nZUlcvmu_rClokMfKJ-C5lg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.92.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-92-130.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Sun, 15 Oct 2023 19:51:32 GMT
Via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN2-P2
Age
18337
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
tCfneh3KJd4uIhAK-6a9RvWdDMeXVHcZwjOcNTKETQHPhhkCBZV4FQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 16 Oct 2023 00:57:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
5592
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-bfi-kbfi7400020-BFI
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 19:28:03 GMT
content-encoding
gzip
age
2006945
x-guploader-uploadid
ADPycdv8f3YNO0Bl6ehLC7C7F5KCcGhCsGDQHw1NpG8oS302u9uzS9T_rQPuDlb8WRrh-fR6FAyiytVwsNgWVb7ffpoR1A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 21 Sep 2024 19:28:03 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 17 Oct 2023 00:57:09 GMT
ob.js
cdn-ima.33across.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 18 Sep 2023 17:20:48 GMT
server
cloudflare
age
543747
etag
W/"650886f0-39ac"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
816c58948c50aaf0-SYD
expires
Thu, 19 Oct 2023 00:57:08 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
674f92c4d629877b811e4b962ea5a4e80883cad7497d3d622ffafae5df275f37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Tt63/qRB9TKpiEkhvvOHCAY+9RE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 16 Oct 2023 00:57:08 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.betootaadvocate.com
location
/esp?url=https%3A%2F%2Fwww.betootaadvocate.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		235 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.186.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-186-142.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3ef972e539b22bf48cae6e4037754734e6e78760a52d0040580014014c928b00

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache
x-server
10.42.0.196
access-control-allow-credentials
true
content-length
235
expires
0
rules-p-0Q_T1ja8r-Dkk.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0Q_T1ja8r-Dkk.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-82.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43d395a8ec6d8918aea04372aba3b1609ee79481cf677928925b6daafa09e73c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:32:59 GMT
content-encoding
gzip
via
1.1 23bcdd719bfa269e077f081512f9c624.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
1450
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:46:56 GMT
server
AmazonS3
etag
W/"f22058b7a1bf5f832fb5b1e61a3ac691"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
q82hAFdY1BOi9PZYkMs7GyQJKXFZFuQVPkgjX0DZ6WIHrm8sT2502Q==
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ 		29 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
0be8c7cf20b0dd91443fc06b8871748edbcb4cffa96669921b8094361b0c797f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-SDK-Version
2.20.0
Accept-Language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-SDK-Variant
javascript
Content-Type
application/json
Accept
application/json
X-Shopify-Storefront-Access-Token
adf38735c8f633a344c8351cf196609f
Referer
https://www.betootaadvocate.com/
X-SDK-Variant-Source
buy-button-js

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
x-shopify-api-version
2023-07
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-australia-southeast1,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=159;desc="gc:5", db;dur=86, asn;desc="396356", edge;desc="SYD", country;desc="AU", servedBy;desc="2krp", graphql;desc="storefront/query/other", requestID;desc="23737e48-be5f-4cf2-91bc-780606efa873", cfRequestDuration;dur=352.999926
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
7278065
x-request-id
23737e48-be5f-4cf2-91bc-780606efa873
x-shardid
135
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
7278065
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmbptXhfnAebi02qXHD1iD5kDErqyrG%2BnzCXKweA1X7i3U7T7YDmR%2Fbe%2Fyw7pRsQ6QXng%2BBsiRWcG6cUq6dvWJifylpRD%2BIXPZmgoNZSsW2uQlmYARtgESyiAbZaK%2FlvUqRjVCyTtV%2FIMSJFysljEYXAaeKU"}],"group":"cf-nel","max_age":604800}
content-language
en-AU
x-download-options
noopen
cf-ray
816c58969a83aaed-SYD
x-sorting-hat-podid
135
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-variant,x-sdk-variant-source,x-sdk-version,x-shopify-storefront-access-token
Access-Control-Request-Method
POST
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, X-SDK-Variant, X-SDK-Variant-Source, X-SDK-Version, X-Shopify-Storefront-Access-Token, Shopify-Storefront-Private-Token, Shopify-Storefront-Buyer-IP, Shopify-Storefront-Id, Shopify-Storefront-S, Shopify-Storefront-Y, Shopify-Storefront-Extension-Token, Custom-Storefront-Request-Group-ID, shopify-core-canary
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
816c5895495baaed-SYD
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:08 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDzC3uepy%2BfwQsAY18NGi2adwEWh4Bpu9WekA%2BmIFT4i43KwmU04B95SMPRw4IgjjwzKRdEF5iEsVtHFzjY7VEI9A7awRTRP7rz9micwAxYiH7BdsAkWH%2FrWtLK3w6PF3Yw1YPI5gd1kE8DBBme6aZRQLO6b"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=5;desc="gc:1", db;dur=2, asn;desc="396356", edge;desc="SYD", country;desc="AU", servedBy;desc="pjhw", requestID;desc="b1c40dcf-9f89-406a-8e53-049c5ab53cca" cfRequestDuration;dur=208.000183
vary
Accept-Encoding Accept
x-content-type-options
nosniff
x-dc
gcp-australia-southeast1,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
b1c40dcf-9f89-406a-8e53-049c5ab53cca
x-shardid
135
x-shopid
7278065
x-shopify-stage
production
x-sorting-hat-podid
135
x-sorting-hat-shopid
7278065
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
embedded.js
a.mailmunch.co/app/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/embedded.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b846ef170dfb8305947448dbeeec8b1054f73573346678f1a4f9f72f981a4c3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:03:23 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
118426
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1097
last-modified
Thu, 12 Oct 2023 13:37:28 GMT
server
AmazonS3
etag
"3ece3acd2ee9fbab5797c20d4330fff2"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
pWhdnwstJ2HZcHeAeBQPi6Dzq6Lxz2tTh4Jo2nFbuAV73dxdL1hjgA==
sidebar.js
a.mailmunch.co/app/v1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/sidebar.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03b91cc6b7b75f6aa9e1015ded5196298213496512857cbba8ac41a23ae06c13

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:04:33 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
118356
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
842
last-modified
Thu, 12 Oct 2023 13:37:30 GMT
server
AmazonS3
etag
"d9a610db8457cf067e038d97e7be7d0a"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
xrRsAwlEsw6Fk7uFxLZyrbuVYh64uYDW97sXc_4j6zX0O65xZS8X6A==
popover.js
a.mailmunch.co/app/v1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/app/v1/popover.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:03:50 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
118399
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2274
last-modified
Thu, 12 Oct 2023 13:37:29 GMT
server
AmazonS3
etag
"eabfc29b2e20de1e74a8e4f83ce3b343"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
uNVFFK1pXMWool3dLlByLECXuIWh86KFwlgSfTVQ2iz1j7UrppsC1A==
d280555d-43c9-4617-8a74-e00bdddc2217.json
refresh.pbstck.com/ 		23 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://refresh.pbstck.com/d280555d-43c9-4617-8a74-e00bdddc2217.json
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d246bd4d80252554a59596461a53c7c0a58a8a0d4f30ed623f9337e69beb6a11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:08 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
FB1KS9NK5N54D9ER
age
198
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yskPFoHFFv/6rQlSlAbe7A6y+U8R26qVJ232otRbvbkrH6nRDr68f2m/RDehguLs/ZUh+vvy3lo=
last-modified
Fri, 06 Oct 2023 12:53:27 GMT
server
cloudflare
etag
W/"3101779d823346c7f8abaaa57f5a8a03"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cache-control
max-age=14400
cf-ray
816c5896badeaadb-SYD
pixel;r=855581509;source=choice;labels=All.Locale.en_US%2CAll.Url.https%3A%2F%2Fwww%20betootaadvocate%20com%2F%2CAll.Title.The%20Betoota%20Advocate%20-%20Australia's%20Oldest%20And%20Favourite%20Ne...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=855581509;source=choice;labels=All.Locale.en_US%2CAll.Url.https%3A%2F%2Fwww%20betootaadvocate%20com%2F%2CAll.Title.The%20Betoota%20Advocate%20-%20Australia's%20Oldest%20And%20Favourite%20Newspaper%2CAll.Type.website%2CAll.Title.The%20Betoota%20Advocate%20-%20Australia's%20Oldest%20And%20Favourite%20Newspaper%2CAll.Site.The%20Betoota%20Advocate;rf=0;a=p-0Q_T1ja8r-Dkk;url=https%3A%2F%2Fwww.betootaadvocate.com%2F;uht=2;fpan=1;fpa=P0-1263578705-1697417828597;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;us_privacy=1---;ref=;d=betootaadvocate.com;dst=0;et=1697417828951;tzo=-480;ogl=locale.en_US%2Ctype.website%2Ctitle.The%20Betoota%20Advocate%20-%20Australia's%20Oldest%20And%20Favourite%20Newspaper%2Curl.https%3A%2F%2Fwww%252Ebetootaadvocate%252Ecom%2F%2Csite_name.The%20Betoota%20Advocate;ses=1f361731-ce27-48de-bbc1-559b53004519;mdl=
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame A5B5 		484 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d733b0715471845460afe88da1adfc07662b7de25f1a47093fca0c7a2a77966a

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
306
content-type
text/html
date
Mon, 16 Oct 2023 00:57:09 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
index-1697167376.html
a.mailmunch.co/forms-cache/103219/661249/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/661249/index-1697167376.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d1c1f074f56ec8caa2fe0f67c0933719bb6fe52ca11b3f6751ae62059404827

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 03:23:06 GMT
content-encoding
gzip
via
1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
250443
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 13 Oct 2023 03:23:02 GMT
server
AmazonS3
etag
W/"ccbec341289c7af29616d0df47730246"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
u5xf2Fy8KDza8fT5vykQsbqFgf6kYavw1mlPUygnigbSouzvYMwwqg==
index-1697167376.html
a.mailmunch.co/forms-cache/103219/461061/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/461061/index-1697167376.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
584ac38a54a8e9268303d5b2f97f804a9f5122543515f28d81f6a6065d912fe4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 03:23:05 GMT
content-encoding
gzip
via
1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
250444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 13 Oct 2023 03:23:02 GMT
server
AmazonS3
etag
W/"645e32cfbe3eaabbebee87faef123c4a"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
gM39UkXb3SXKo2XCEJ9vi1eJ7_8jN9wRgnfPCYNP75SDTbFziVw0sg==
index-1636686647.html
a.mailmunch.co/forms-cache/103219/134107/ 		111 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/forms-cache/103219/134107/index-1636686647.html
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee522edff65917a2a6bf73db010b8de5a7bd6a7c8e0dccd5ef39b0b28302e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 17:03:53 GMT
content-encoding
gzip
via
1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
1497196
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 08 Sep 2023 01:01:55 GMT
server
AmazonS3
etag
W/"94c488548929c004f366b27e5804be64"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31556952
vary
Accept-Encoding
x-amz-cf-id
_YUQepULx_5O2xXT7_wzJRC9P3XuH6ZJoQHn-wAn_P0qlFEaHiRrsQ==
index.css
a.mailmunch.co/v2/themes/mailmunch/postman/embedded/ Frame E88A 		104 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/postman/embedded/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
966360a88a7e084cfc9cb1372ab8443618fa9a8fa8bd89afeb0f67aff0c37452

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:20:55 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
117374
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:09:30 GMT
server
AmazonS3
etag
W/"d9b29476c301e4766e8adb02f005e0b0"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
EKYYiJktP7qAvx-pa2tMZYNhIyHND35KYdmQ7wWmCoins5_roJ7ASw==
index.css
a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/ Frame B78A 		104 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
561d75b69f4c05ef2d7335bfc99a1f0cad36d53cdc96d58e506426bc7b18c4dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 03:01:14 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
165355
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:09:10 GMT
server
AmazonS3
etag
W/"dab3e654d6bf25d48b431a3755957c27"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
NbMgtK0d6iQo7cqP1UD1_AlbhSi9nNPtHi0i3LiDpAH3j0eQhOF20A==
index.css
a.mailmunch.co/v2/themes/mailmunch/postman/popover/ Frame 0AB4 		106 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-60.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b10da3db8bd92838051a2f554d6d8dab5603d0367606f74610f901b0f18da4ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:08:48 GMT
content-encoding
gzip
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
143301
x-cache
Hit from cloudfront
last-modified
Wed, 08 Jan 2020 12:09:20 GMT
server
AmazonS3
etag
W/"d481a0d1e0fc73b9a1a61665e1e49a27"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
ungb0yNZQEcFfFL5ZlfwjdCCrq-xnwkXkmauXa-r9JkuD9gMKRto0w==
css
fonts.googleapis.com/ Frame E88A 		7 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/postman/embedded/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
ba1e5134dc2d8f7a128f6af770bb6e17677980509b1b7485f773edf918e2152c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:41:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:57:09 GMT
css
fonts.googleapis.com/ Frame B78A 		7 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/postman/sidebar/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
ba1e5134dc2d8f7a128f6af770bb6e17677980509b1b7485f773edf918e2152c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:57:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:57:09 GMT
css
fonts.googleapis.com/ Frame 0AB4 		7 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Requested by
Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/postman/popover/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
ba1e5134dc2d8f7a128f6af770bb6e17677980509b1b7485f773edf918e2152c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://a.mailmunch.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:33:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:57:09 GMT
sd
us-u.openx.net/w/1.0/ Frame A5B5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0&gdpr_consent=
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=c81d4c10-e76d-7cbb-c4c2-6b04fa864617&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:09 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame A5B5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyKZcCo5sMAACDtMqYAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyKZcCo5sMAACDtMqYAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 16 Oct 2023 00:57:10 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.168","key":"ZSyKZcCo5sMAACDtMqYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad141"}
X-SO-Key
ZSyKZcCo5sMAACDtMqYAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad141
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZSyKZcCo5sMAACDtMqYAAAAA
Cache-Control
private
X-SO-HostName
m-ad141.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1609
Content-Length
0
X-SO-LB-Hostname
a-tgng40005.dc2p.scaleout.jp
X-SO-IP
66.203.112.168
sd
jp-u.openx.net/w/1.0/ Frame A5B5
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdSNXzC8zEXkks8AD7ImJ81V0c8AAAGLNfybkA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdSNXzC8zEXkks8AD7ImJ81V0c8AAAGLNfybkA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
via
1.1 291933b5bb7fbb03efd999a83bb9696a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdSNXzC8zEXkks8AD7ImJ81V0c8AAAGLNfybkA
cache-control
no-cache
content-length
0
x-amz-cf-id
CjnhhaCk4S3fhjRP-NFZSqX2jbTd2hZhoMSQp1Nw6-PxGbTyQui2Og==
expires
-1
pixel
cm.g.doubleclick.net/ Frame A5B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ3MjlmZGEtMmUxYS0yMjFmLWQxMjItMzFiZDMwNjQ4ODc3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ3MjlmZGEtMmUxYS0yMjFmLWQxMjItMzFiZDMwNjQ4ODc3&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ3MjlmZGEtMmUxYS0yMjFmLWQxMjItMzFiZDMwNjQ4ODc3&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ3MjlmZGEtMmUxYS0yMjFmLWQxMjItMzFiZDMwNjQ4ODc3&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A5B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGXQ6Qsa6f62h_LnUrN0ao&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGXQ6Qsa6f62h_LnUrN0ao&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGXQ6Qsa6f62h_LnUrN0ao&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E88A 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E88A 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame E88A 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:25:47 GMT
x-content-type-options
nosniff
age
329482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 05:25:47 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame E88A 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:35:40 GMT
x-content-type-options
nosniff
age
537689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Oct 2024 19:35:40 GMT
truncated
/ Frame 0AB4 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0AB4 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0AB4 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 0AB4 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:25:47 GMT
x-content-type-options
nosniff
age
329482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 05:25:47 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 0AB4 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:35:40 GMT
x-content-type-options
nosniff
age
537689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Oct 2024 19:35:40 GMT
truncated
/ Frame B78A 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B78A 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame B78A 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 05:25:47 GMT
x-content-type-options
nosniff
age
329482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 05:25:47 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame B78A 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif|Open+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:35:40 GMT
x-content-type-options
nosniff
age
537689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Oct 2024 19:35:40 GMT
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-variant,x-sdk-variant-source,x-sdk-version,x-shopify-storefront-access-token
Access-Control-Request-Method
POST
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, X-SDK-Variant, X-SDK-Variant-Source, X-SDK-Version, X-Shopify-Storefront-Access-Token, Shopify-Storefront-Private-Token, Shopify-Storefront-Buyer-IP, Shopify-Storefront-Id, Shopify-Storefront-S, Shopify-Storefront-Y, Shopify-Storefront-Extension-Token, Custom-Storefront-Request-Group-ID, shopify-core-canary
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
816c58997866aad2-SYD
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:09 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tua5koGFzfXKCWhuKdnMccuUBtv6Fv9yNOvc97yg4W94b0%2FLA1ph49br0aK17dI17SWKrzTzaJdo%2BYka8D1LOnU3ZozdF8Ln07UI%2BwZ%2FvPQVB7WdX1nstc%2Bzemztis0yZtVOSos5tQXZpRqqKa4vyTaSAp5b"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=5, db;dur=2, asn;desc="396356", edge;desc="SYD", country;desc="AU", servedBy;desc="dhvh", requestID;desc="f68fd875-b337-45e5-964a-5717cad604f4" cfRequestDuration;dur=207.000017
vary
Accept-Encoding Accept
x-content-type-options
nosniff
x-dc
gcp-australia-southeast1,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
f68fd875-b337-45e5-964a-5717cad604f4
x-shardid
135
x-shopid
7278065
x-shopify-stage
production
x-sorting-hat-podid
135
x-sorting-hat-shopid
7278065
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
P1033346_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 5FE2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg?v=1607652906
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
dcad94b6a32ec5030d3516820428da0de61a374e46c97d555b087a78e0ab004a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
337576
source-type
image/jpeg
server-timing
imagery;dur=531.947, imageryFetch;dur=113.666, imageryProcess;dur=244.835;desc="image", cfRequestDuration;dur=11.000156
source-length
2225628
content-length
16552
x-xss-protection
1; mode=block
x-request-id
e6200411-edba-4a0c-b624-87687b823d42
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 06:34:25 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLAPDgDpNPqdQHPoPtOwuBdkIUvVmMiKX9c%2BmKa4tRekCfUN%2BnABxh0ZrTpjdLs018D8wg5Z%2Fq9Y24PU22nRNsq3vvlHmN9AGKk%2Fxt3ZvvPHeiS0dPCMyhC5n%2FhlHu37XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg>; rel="canonical"
cf-ray
816c58997e1f5d34-SYD
P1022786_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 5FE2 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg?v=1676599195
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
c6700c5a885f3443c90d50a4281ab9038d374b8c5edcfe6d7e3f5aa7e1870b7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
341814
source-type
image/jpeg
server-timing
imagery;dur=267.008, imageryFetch;dur=48.072, imageryProcess;dur=216.799;desc="image", cfRequestDuration;dur=14.999866
source-length
588152
content-length
18298
x-xss-protection
1; mode=block
x-request-id
2c5ddc3d-79ad-4326-8207-72c5591288b5
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 02:26:37 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rVnFvCqeNi29vQfEVpvD%2BwklQXVcOGc4UpMW86eGakChb8DCwsjgsjMfd%2BSdxYaMjGPa3NtoK5iWX95XiqEtK0ldGlqh32WrS7GVQ25wqIQAarmQl8EEAvDMNbeGKIDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg>; rel="canonical"
cf-ray
816c58997e1c5d34-SYD
DugongsHat2_550x825.png
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 5FE2 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png?v=1657243227
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b919dcb87ce9dd2e66882154d391c80a6f91ee4ba3d352fa88657729d61cd6c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
305833
source-type
image/png
server-timing
imagery;dur=520.368, imageryFetch;dur=120.789, imageryProcess;dur=398.878;desc="image", cfRequestDuration;dur=12.000084
source-length
3113548
content-length
19474
x-xss-protection
1; mode=block
x-request-id
dc0dfee6-f766-456d-aae6-f8dd71e240a8
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 09:16:10 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpMlhOrzOfCrT4N0rn6WhHbobTK%2FCqQFqoCe6mh5UoYMQ5gGvl4WQ6eG3VyPiubn9%2BruiXBWbK0Qm5%2BN%2B45Y%2Bn2f%2BuR97oGOVErOxQ4yQCFPn%2Ff%2BBZQgzPlBeyQCuTzNqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png>; rel="canonical"
cf-ray
816c58997e1e5d34-SYD
2500x2500OutNow_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ Frame 5FE2 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg?v=1669697473
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b4351bb8f000ae7aa9d6a168799c09e57a49e6564520b5f25be3488b5075513a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
327637
source-type
image/jpeg
server-timing
imagery;dur=548.549, imageryFetch;dur=179.807, imageryProcess;dur=367.988;desc="image", cfRequestDuration;dur=12.000084
source-length
4219545
content-length
83632
x-xss-protection
1; mode=block
x-request-id
f4184acb-d03a-4e57-96ef-e1bea5066c19
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 21:14:46 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbU5FkocJMxaBVVb2pDjOnupdOrSY7DXo%2FakG9ZgJVM5D8TiZ5BjqzSu%2F9LCFCCBsDNv6nU34iPPHCe0IRQRP%2FauqjDljohanl1b%2FuuwOELzhuQCl4tPXGtWmmHVbpC0IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg>; rel="canonical"
cf-ray
816c58997e215d34-SYD
P1033346_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg?v=1607652906
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
dcad94b6a32ec5030d3516820428da0de61a374e46c97d555b087a78e0ab004a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
337576
source-type
image/jpeg
server-timing
imagery;dur=531.947, imageryFetch;dur=113.666, imageryProcess;dur=244.835;desc="image", cfRequestDuration;dur=11.000156
source-length
2225628
content-length
16552
x-xss-protection
1; mode=block
x-request-id
e6200411-edba-4a0c-b624-87687b823d42
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 06:34:25 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59po5pfJ8wUGefS7eya8IZxqiFdLx5MfvoChvEiIh3gvu0zpkUAP%2Brtn4ikxBu5mo7srkORYKrDmEO3kgfkpO%2Bf4XpCcmNeDw36GcfD4HDn%2Fj7eNjVunCcDe%2F5rVk32YDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1033346_550x825.jpg>; rel="canonical"
cf-ray
816c58997e225d34-SYD
P1022786_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg?v=1676599195
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
c6700c5a885f3443c90d50a4281ab9038d374b8c5edcfe6d7e3f5aa7e1870b7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
341814
source-type
image/jpeg
server-timing
imagery;dur=267.008, imageryFetch;dur=48.072, imageryProcess;dur=216.799;desc="image", cfRequestDuration;dur=15.000105
source-length
588152
content-length
18298
x-xss-protection
1; mode=block
x-request-id
2c5ddc3d-79ad-4326-8207-72c5591288b5
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 02:26:37 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4mm94vhaNv%2BbsIbG0GMkihyuUOcvbinWVVqN7k%2FcWFZAp5O67wCALRUw4AfaaAkVHVYWOc23L%2Bhp06tQHQl9zfKLnfKpB9WrU0ouMRqNy45IAw4VYEo51HhUQDx2VKSuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/P1022786_550x825.jpg>; rel="canonical"
cf-ray
816c58997e235d34-SYD
DugongsHat2_550x825.png
cdn.shopify.com/s/files/1/0727/8065/products/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png?v=1657243227
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b919dcb87ce9dd2e66882154d391c80a6f91ee4ba3d352fa88657729d61cd6c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
305833
source-type
image/png
server-timing
imagery;dur=520.368, imageryFetch;dur=120.789, imageryProcess;dur=398.878;desc="image", cfRequestDuration;dur=12.999773
source-length
3113548
content-length
19474
x-xss-protection
1; mode=block
x-request-id
dc0dfee6-f766-456d-aae6-f8dd71e240a8
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 09:16:10 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF1MEkYLe5bK6kRR2Y%2B2zAHwTwl6p6S9lb%2BUz%2F1uyPLBJp7ZsZG9b7AJSF%2Bhp5uw3ANxotjwEFv9OiXoKnp6Oy0tdxunC8%2FDkD4rvv3vnd1%2F7YKQPR4G0qFQ4VsmiZYQYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/DugongsHat2_550x825.png>; rel="canonical"
cf-ray
816c58999e395d34-SYD
2500x2500OutNow_550x825.jpg
cdn.shopify.com/s/files/1/0727/8065/products/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg?v=1669697473
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
b4351bb8f000ae7aa9d6a168799c09e57a49e6564520b5f25be3488b5075513a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
327637
source-type
image/jpeg
server-timing
imagery;dur=548.549, imageryFetch;dur=179.807, imageryProcess;dur=367.988;desc="image", cfRequestDuration;dur=10.999918
source-length
4219545
content-length
83632
x-xss-protection
1; mode=block
x-request-id
f4184acb-d03a-4e57-96ef-e1bea5066c19
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Aug 2023 21:14:46 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTZalf%2FPfQFKzgHSG%2FcTn3hUkEmXueuIRby0D35FdUu2LkgQAp2eah2uJCB0VMYHciSbRtfIbhQ55PoHmzXMRU0yP%2FeQ8olFXbkgUVam4rvJE%2FCLqn69nU8YBVlLI%2B0DLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0727/8065/products/2500x2500OutNow_550x825.jpg>; rel="canonical"
cf-ray
816c58999e3a5d34-SYD
graphql
betoota-advocate-shed.myshopify.com/api/2023-07/ 		171 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://betoota-advocate-shed.myshopify.com/api/2023-07/graphql
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
aa338f9f28f12ceffb790ce01497cb31c32a8265f59a82fce44b56ea6af525eb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-SDK-Version
2.20.0
Accept-Language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
X-SDK-Variant
javascript
Content-Type
application/json
Accept
application/json
X-Shopify-Storefront-Access-Token
adf38735c8f633a344c8351cf196609f
Referer
https://www.betootaadvocate.com/
X-SDK-Variant-Source
buy-button-js

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-content-type-options
nosniff
x-shopify-api-version
2023-07
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-australia-southeast1,gcp-us-central1,gcp-us-central1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
server-timing
processing;dur=32;desc="gc:2", db;dur=11, asn;desc="396356", edge;desc="SYD", country;desc="AU", servedBy;desc="qkbg", graphql;desc="storefront/query/other", requestID;desc="b9a83e96-5a30-4ebd-ad65-15bde31e0d21", cfRequestDuration;dur=228.000164
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-sorting-hat-shopid
7278065
x-request-id
b9a83e96-5a30-4ebd-ad65-15bde31e0d21
x-shardid
135
x-storefront-renderer-rendered
1
x-shopify-stage
production
server
cloudflare
x-shopid
7278065
vary
Accept-Encoding, Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqvOD33iJBz2Psi8Louj95o2Qf5VTO3SxNsQEkOCz%2BYsb%2BXOqLO6yRGoYALKgevnYC5er68KlDtJKI8FP34ZkwFNEWOJxUkVs5xd2ALEiuwOEk%2BG5dRZRJt2popObUGktfWk2vfyq0RcJlU4%2BOjB5JWok78p"}],"group":"cf-nel","max_age":604800}
content-language
en-AU
x-download-options
noopen
cf-ray
816c589ad9eaaad2-SYD
x-sorting-hat-podid
135
produce
monorail-edge.shopifysvc.com/v1/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: sdks.shopifycdn.com
URL: https://sdks.shopifycdn.com/buy-button/latest/buy-button-storefront.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.57.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
242.57.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
via
1.1 google
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.betootaadvocate.com
access-control-allow-credentials
true
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
a151ec09-20c0-48d5-a1d1-1481c8364ec5
/
analytics.mailmunch.co/event/ 		35 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.mailmunch.co/event/?site_id=103219&widget_id=661249&event_name=views&cache=1697417829457&referrer=https%3A%2F%2Fwww.betootaadvocate.com%2F&visitor_id=2556bff3-db4d-4658-9fc0-90d7f1598425
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-57-224.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:10 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
/
analytics.mailmunch.co/event/ 		35 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.mailmunch.co/event/?site_id=103219&widget_id=461061&event_name=views&cache=1697417829460&referrer=https%3A%2F%2Fwww.betootaadvocate.com%2F&visitor_id=2556bff3-db4d-4658-9fc0-90d7f1598425
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-57-224.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:09 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
g_pbst
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=728&h=90&bid=29372b0c526d5e1&c1=banner&np=0.0065633904&aud=16a65196a10bf7e&a=div-gpt-ad-1667393209112-0&c2=hb_bidder%3Damx%26hb_adid%3D29372b0c526d5e1%26hb_pb%3D0.00%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dsling.com%26hb_crid%3D455052940&ts=1697417829492&eid=302e89ae4bf36bb
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.115.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-115-246.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3117026828330450&correlator=2693009189035000&eid=31077978%2C31078704%2C31078750%2C31078787%2C31078789%2C31070233%2C31078662&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6428571%3A91222893%2Cbetootaadvocate.com-Unit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&didk=3984493654&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697417829505&lmt=1697387623&adxs=315&adys=190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.betootaadvocate.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=65793330.1697417828&ga_sid=1697417830&ga_hid=896130630&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDM1MTU4NzcxN2MyOWI2ZGM4NjVlZThhMzEyYmYxNmQ1MzkzODc5MWZjYzVlMmQyNWZlMTgxMWZmNjBhYjdmODkYyrTyr7MxSAASGwoMMzNhY3Jvc3MuY29tGL2x8q-zMUgAUgIIZBI7CgpwdWJjaWQub3JnEiRkNzQ4NjM1Ny1mZmFlLTRmYTItYTFkNC01MDc1ODcxZmEyYjQY-rfyr7MxSAASHQoOZXNwLmNyaXRlby5jb20YvbHyr7MxSABSAghkEhkKCnVpZGFwaS5jb20YvbHyr7MxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVJ6ZEdlbE5WTjNGUk1IbGxSa3RRYzI1eFJqRTJaejA5SW4wPRjatPKvszFIAA..&cbidsp=CoQDCAESFwoHcnViaWNvbhCyCyACUgdydWJpY29uEhMKBXRlYWRzEM4BIAJSBXRlYWRzEh0KCnRyaXBsZWxpZnQQqQIgAlIKdHJpcGxlbGlmdBITCgVvcGVueBC8ASACUgVvcGVueBIZCghhcHBuZXh1cxDcByACUghhcHBuZXh1cxKpAQoDYW14EKEHGpcBCg8yOTM3MmIwYzUyNmQ1ZTEQozMaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfZm9ybWF0Ig1oYl9iaWRkZXJfYW14IgtoYl9hZGlkX2FteCIJaGJfcGJfYW14IgtoYl9zaXplX2FteCINaGJfZm9ybWF0X2FteCgBOgUI2AUQWkDeNyABUgNhbXgSDQoCaXgQiwEgAlICaXgSDQoCaXgQiwEgAlICaXgYAiIkYzdkNDNmNzktMzg5MC00NTk5LWFlYTUtN2JjYTBkY2E0ZWRiKgQIAyAAMgZ2OC42LjBAuBdKAA..&dlt=1697417826831&idt=1695&prev_scp=hb_format_amx%3Dbanner%26hb_size_amx%3D728x90%26hb_pb_amx%3D0.00%26hb_adid_amx%3D29372b0c526d5e1%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D29372b0c526d5e1%26hb_bidder%3Damx&adks=2520725984&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
918ecb4e1e53542dee3bb52b56c1b0e39dfa622af8f007de26da715ed8a95cee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14611
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3117026828330450&correlator=2693009189035000&eid=31077978%2C31078704%2C31078750%2C31078787%2C31078789%2C31070233%2C31078662&output=ldjh&gdfp_req=1&vrg=202310090101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=6428571%3A91222893%2Cbetootaadvocate.com-Desktop-Sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&didk=2488237265&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697417829514&lmt=1697387623&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.betootaadvocate.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=65793330.1697417828&ga_sid=1697417830&ga_hid=896130630&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDM1MTU4NzcxN2MyOWI2ZGM4NjVlZThhMzEyYmYxNmQ1MzkzODc5MWZjYzVlMmQyNWZlMTgxMWZmNjBhYjdmODkYyrTyr7MxSAASGwoMMzNhY3Jvc3MuY29tGL2x8q-zMUgAUgIIZBI7CgpwdWJjaWQub3JnEiRkNzQ4NjM1Ny1mZmFlLTRmYTItYTFkNC01MDc1ODcxZmEyYjQY-rfyr7MxSAASHQoOZXNwLmNyaXRlby5jb20YvbHyr7MxSABSAghkEhkKCnVpZGFwaS5jb20YvbHyr7MxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVJ6ZEdlbE5WTjNGUk1IbGxSa3RRYzI1eFJqRTJaejA5SW4wPRjatPKvszFIAA..&cbidsp=CqUCCAESFwoHcnViaWNvbhCyCyACUgdydWJpY29uEh0KCnRyaXBsZWxpZnQQqgIgAlIKdHJpcGxlbGlmdBITCgVvcGVueBC8ASACUgVvcGVueBIZCghhcHBuZXh1cxDcByACUghhcHBuZXh1cxIPCgNhbXgQpAcgAlIDYW14Eg0KAml4EIsBIAJSAml4Eg0KAml4EIsBIAJSAml4EhUKBmd1bWd1bRDSAiACUgZndW1ndW0SHwoLanVzdHByZW1pdW0Q8AQgAlILanVzdHByZW1pdW0SFwoHc2VlZHRhZxDrAiACUgdzZWVkdGFnGAIiJDMyNjZjNTU4LTdkYzctNGMzMi1iODg1LTE1NjFlYTE2Y2IxNCoECAMgADIGdjguNi4wQLgXSgA.&dlt=1697417826831&idt=1695&adks=4188313527&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
de72e45b8a4d4fbdc2eea4c174734332b7168789358913a04eadf660d042325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14284
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.betootaadvocate.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 657D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.161 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s22-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:57:10 GMT
expires
Tue, 15 Oct 2024 00:57:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics
api.edkt.io/ 		0
128 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics
Requested by
Host: cdn.edkt.io
URL: https://cdn.edkt.io/7dDzS0/edgekit.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Edkt-Load-Id
2475035d-40b7-48a7-b5fa-3ebac8902ad6
Referer
https://www.betootaadvocate.com/
X-Edkt-Api-Key
rEtH1NV2wMPwBAnnGqBv
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Oct 2023 00:57:10 GMT
via
1.1 google
server
Google Frontend
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
cache-status
uncacheable
vary
Origin
access-control-max-age
86400
content-type
text/html
access-control-allow-origin
https://www.betootaadvocate.com
x-cloud-trace-context
38f5236e31039b035645a33b4e6bce1e
access-control-allow-credentials
true
cache-id
SYD-85eb07e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
analytics
api.edkt.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-edkt-api-key,x-edkt-load-id
Access-Control-Request-Method
POST
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-edkt-api-key,x-edkt-load-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.betootaadvocate.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-id
SYD-85eb07e
cache-status
uncacheable
content-length
0
content-type
text/html
date
Mon, 16 Oct 2023 00:57:09 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
ab039a89b4da87fa3b04452a6a410ac7
b-ef0aa10-269dfc27.js
tagan.adlightning.com/valnet-snackmedia/ Frame C25E 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fed462ba5f158bfc40e78b0f100ffb6768965b63918853a56a980b293313527b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 17:12:33 GMT
content-encoding
gzip
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-version-id
MuITPnSOJ5ofabNjUgFbEAQ1VHuaPTfX
x-amz-cf-pop
SYD1-C1
age
632677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28139
x-amz-meta-git_commit
ef0aa10
last-modified
Tue, 19 Sep 2023 17:12:21 GMT
server
AmazonS3
etag
"b23e9b5271a340ca4f053d20d75af4b3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZrixIdaOYmqfqWOyqAZOssAtvPugF0Cs6x9YaHKxb9Qe_k-gu52_2w==
auction
intake.pbstck.com/v1/intake/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?tId=d280555d-43c9-4617-8a74-e00bdddc2217&c=2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 16 Oct 2023 00:57:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
816c589ebb87aadb-SYD
alt-svc
h3=":443"; ma=86400
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame C25E 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C25E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C25E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C25E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C25E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
css
fonts.googleapis.com/ Frame C25E 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 00:16:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:57:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C25E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:04:03 GMT
x-content-type-options
nosniff
server
cafe
age
49987
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Mon, 16 Oct 2023 11:04:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C25E 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 12:46:07 GMT
x-content-type-options
nosniff
server
cafe
age
43863
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 12:46:07 GMT
l
www.google.com/ads/measurement/ Frame C25E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZi0unxyLz6fluk4366V_PlYpDGtj2aEcJ_ZoktPqH9MGzQQbn2l0O9kBCamktX8l3qLDtguYip_oDg9jyoAviFwJpxA
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/15936407650527714668/ Frame C25E 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15936407650527714668/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
sffe /
Resource Hash
a8f5b8eced6782714d0dcabbba53bc1e6d8e205a338848ea22d59dc1b2bd178c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:26:44 GMT
x-content-type-options
nosniff
age
495026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28057
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 04:15:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Oct 2024 07:26:44 GMT
truncated
/ Frame C25E 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C25E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C25E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a3543d5f398aaedb9fbf4bade2f2a74505fcdc2b43f11dcfbc9224c345ce113

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
b-ef0aa10-269dfc27.js
tagan.adlightning.com/valnet-snackmedia/ Frame 1BC7 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/b-ef0aa10-269dfc27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-51.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fed462ba5f158bfc40e78b0f100ffb6768965b63918853a56a980b293313527b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 17:12:33 GMT
content-encoding
gzip
via
1.1 49a6e32d0e77764a9e697970808fdae8.cloudfront.net (CloudFront)
x-amz-version-id
MuITPnSOJ5ofabNjUgFbEAQ1VHuaPTfX
x-amz-cf-pop
SYD1-C1
age
632677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28139
x-amz-meta-git_commit
ef0aa10
last-modified
Tue, 19 Sep 2023 17:12:21 GMT
server
AmazonS3
etag
"b23e9b5271a340ca4f053d20d75af4b3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HwXxijih0v1RrCVcxer0pFQNPsTg6fBCMly4nBmghR9zruiTOAmmDQ==
syncframe
gum.criteo.com/ Frame 55E4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:57:10 GMT
server
Kestrel
server-processing-duration-in-ticks
561495
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012309290141000/ Frame 1BC7 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56111
x-xss-protection
0
server
sffe
etag
"196a98f213e9af2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1BC7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5226
x-xss-protection
0
server
sffe
etag
"b67abf1ac5d05c62"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1BC7 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29036
x-xss-protection
0
server
sffe
etag
"f80aeafaeae93075"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1BC7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1915
x-xss-protection
0
server
sffe
etag
"5fa0b581892e5d76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 1BC7 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Oct 2023 17:13:52 GMT
age
459798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"f431afcc9b21c868"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 09 Oct 2024 17:13:52 GMT
css
fonts.googleapis.com/ Frame 1BC7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 23:14:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:57:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1BC7 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 12:46:07 GMT
x-content-type-options
nosniff
server
cafe
age
43863
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 16 Oct 2023 12:46:07 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1BC7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
cafe /
Resource Hash
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 14:08:44 GMT
x-content-type-options
nosniff
server
cafe
age
38906
etag
3004170791804808702
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2980
x-xss-protection
0
expires
Mon, 16 Oct 2023 14:08:44 GMT
l
www.google.com/ads/measurement/ Frame 1BC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTdEqfUGd0amIqWxcTZE4iJFQabxoHIWfbvlsAznijy1pRP4-Yph273Pz50l_HArl536XPd97N2yi56txQUtDdSElF92A
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C25E 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 11:44:01 GMT
x-content-type-options
nosniff
age
133989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:44:01 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2481029209872049665/ Frame 1BC7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2481029209872049665/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
sffe /
Resource Hash
59726d87e72c58a02caa598dae1d09a931f664464849df5c142ebdb5e9f02004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 07:26:45 GMT
x-content-type-options
nosniff
age
495025
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3141
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 00:47:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Oct 2024 07:26:45 GMT
truncated
/ Frame 1BC7 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1BC7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a26fda16b09439f709d82b9ec062fb072289bdcc3248dcd636c1100a8699ae6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1BC7 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.betootaadvocate.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 11:44:01 GMT
x-content-type-options
nosniff
age
133989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 11:44:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1BC7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date
Mon, 16 Oct 2023 00:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C25E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4aJIZYosZcDqJK7MmsMP3Za7mAKIxcDEc6a9xsD0Ed7ZHhABIJvBxR1gpYCAgJABoAH52O7iKMgBCeACAKgDAcgDCqoEyAJP0DaTGnmPpOoZHJOksMKUQcaQbx9Y_D41ZqEX-Vo7LvgUDg4bTqf9rXRage3D-wTKdqps3iKmdDN_qP0IEJhxGj9Pn-__-1J6zaQOiKrLUiIm_WtKijeZP4eIPrryZKcnNy0Hh2ERqiKC7uedJ9mDJuY2yeMhEmLqd2zi99s8FfE_TCO0GukeSm9b2qF5d0Q7eemVHSf88fMJfH49QEyhX7BsNboAGtHKy2mALKKI5TWhKPox7EijVFjnFEGvJ1xyJOjUIivr1AnIHqlgcjOXilTjxUNgIifrtrldttUORUoEpX1QUlrqLHpFIKiq7Pl83WPBGRQDAaFTJ1DeXkxqMbDSqI0w-cGds7CJaeoLh4Ef4wiZbNiYT_DudEtFNatCX-VKoX-kMepEK-5kgC6XahJPF0z7-oT7r2PplBzSIpnrzgjLl2F-wASksdqYvwTgBAGIBdfjyu5MkgUECAQYAZIFBAgFGASgBi6AB9Dp3q4DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgdkk0ggUCIBhEAEYHTICigI6AoBASL39wTqaCXlodHRwczovL3Nvcy1wYy5raW5nc2dyb3VwZ2FtZXMuY29tL2dnL2xhbmRpbmctOTgtZW4uaHRtbD91dG1fY2FtcGFpZ249MjA2MzMwMDY1NTEmdXRtX21lZGl1bT0xNTQ0MDIxOTk3MTYmYWQ9Njc2MzU0MDM0MDc3gAoDyAsB2gwQCgoQ4NzIkNfDyZg5EgIBA-INEwjNnpKWrvmBAxUupmYCHV3LDiPYEw3QFQGAFwGyFx4KHAgAEhRwdWItNDEyMTQwNjc0MDkzMjM0Nxj72hE&sigh=fb2Vd9WvjNs&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNs7E77vyAKuPvfmX9hNWd8fI1xNjEWXf-TakSV_95jtXh3M9jywkOBGjGD9XFSxPbUa2CQ7uMcRgB&template_id=5000&cbvp=2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1BC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRzbiZYosZcbJN6DGmsMP7Yq2yAjhvYi1c6f1jfnuEdqF3YHDMxABIJvBxR1gpYCAgJABoAHX-caFA8gBAakCE9-0ykEgpT7gAgCoAwHIAwqqBM8CT9B9S5dxRClmnwPyPVeWNPiyJPLiei4UTEh65oDw9y_SOdVU4aZ0Pa3VDJq5ni_8ixZkw1B0KKX3kptmPbxdV11g0dCYZ-t95neSeAVa-boyJ0LQWbvR_2e8_W3bIYJINa_j52FNKEw7oJxVyv5FyRqHdLyTDnr9q9RuS5zTe6V1nNgBgyP0UZMv40CH9U7myCHSJdxkcuADMiDjpOZsRQ9IANTQxmtPMBS_b_ru9Kwq6AIp-zm-QA4mWfrB1jmj_BAKdHMNaMGs558CQPs8o4Cpl9dvmKRM4iZumFeiI1tIgRUICOojwO1NPVg4PItzj9MAQBfYhIXtRRlzTcd5bD0y-AsMF3KYIMjwiaRVDfqbb-egc4SwEEW_iDJs5yVNhRO2-Io_GugdscfmqmU0gWYJZ_YgrFUzFnDsXtapWZnRwT6OS__4JJABREUZAXrABJT848zbBOAEAYgFoZK2x0ySBQQIBBgBkgUECAUYBIAHkYa5eqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJKyDtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgk1aHR0cHM6Ly93d3cudGFuZ2VyaW5ldGVsZWNvbS5jb20uYXUvbmJuL25ibi1icm9hZGJhbmSACgPICwHaDBAKChDwmYukic_v_UkSAgED4g0TCM_8l5au-YEDFSCjZgIdbYUNidgTDYgUA9AVAZgWAYAXAbIXHgocCAASFHB1Yi00MTIxNDA2NzQwOTMyMzQ3GPvaEQ&sigh=7aoaWjxbtr0&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNWuyJ2srmVk91sLihy6b08OvWP8DSJLDooKkeRKhMDCsgHyK8wvU3xnLw4Dc2DMQMgpquUfwuGAE&template_id=5001&cbvp=2
Requested by
Host: www.betootaadvocate.com
URL: https://www.betootaadvocate.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 55E4 		443 B
568 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=betootaadvocate.com&sn=ChromeSyncframe&so=0&topUrl=www.betootaadvocate.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c69aafddc08710be73496c338fceccbf98610549f80261fe35615a4a95dd7056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.betootaadvocate.com&gdpr=0&gdpr_consent=&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1594579
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090101/pubads_impl.js?cb=31078750
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
14f475e4054dc033cccc4e0bf37234b8cf5981a00a357dc1a77a60ecab80f66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11976
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 16 Oct 2023 00:57:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C25E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscDNEWeOzhKlk8ap9S0lOc97VzpPp8yG-LtW3te3boIfLQyll-9UYy_ne840yTrv2tZQ7oTUz_uARGhdFoCDn1JTbL6Jd15wO1R0No2F81T26JkKuwg11d-UBkVZsneIMwFPflkVR2JA&sai=AMfl-YQwGMFB9DsA4ydgxdlHcKeKjWz95NHFxFDjEIlweiW8jdqgn1pYI8FEpBi6sfWYbQEXFjZbNndNhUa2a46liNz3GcDjOVtG97cucrHfdfS0ZPW3o62wEMcjmidD&sig=Cg0ArKJSzAexNjfQgapuEAE&cid=CAQSPADICaaNs7E77vyAKuPvfmX9hNWd8fI1xNjEWXf-TakSV_95jtXh3M9jywkOBGjGD9XFSxPbUa2CQ7uMcRgB&id=ampim&o=315,190&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=852&tls=1852&g=100&h=100&tt=1853&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1BC7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0_BBDZsTjhaaPIceD--fAWdkefhtSR2m5FBXvPJaF1_AHySoB7P9mNjsFBY1xnbXI2wO1W7QygEBjuX67tl9q1UiRX6yXuU3E2pbYnD3F1GEsZM5ZkYuI0VdizMQ7t93XQ2BYL8s6gw&sai=AMfl-YT1le2GuMVj1JRDlxmgfVikrt_959JbBlYA_wiV009gOYqiv7tXqt8uCPSIv9xOj870Y1-cz8LusxpG0jMrnt7A4ysFtn-csB-CJArN-foJHOMXrQ13g_ITrNI&sig=Cg0ArKJSzPsPEGJ61AjhEAE&cid=CAQSOwDICaaNWuyJ2srmVk91sLihy6b08OvWP8DSJLDooKkeRKhMDCsgHyK8wvU3xnLw4Dc2DMQMgpquUfwuGAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1017&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&tfs=545&tls=1562&g=100&h=100&tt=1562&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20E3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
43967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 12:44:25 GMT
expires
Mon, 14 Oct 2024 12:44:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE82 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f4.1e100.net
Software
GSE /
Resource Hash
3166495759173f1ec421b49684ac35e715870639916515ca0772426bdb79268d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xbpf9ELwOStsWMTCN945gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xbpf9ELwOStsWMTCN945gA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Mon, 16 Oct 2023 00:57:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 20E3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 12:21:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
45369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 12:21:03 GMT
generate_204
tpc.googlesyndication.com/ Frame 20E3 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CUqaUA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DE82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310090101&jk=3117026828330450&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.betootaadvocate.com%2F&domain=www.betootaadvocate.com&cw=1&pbt=1&lsw=1&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.betootaadvocate.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
383281
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		474 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.betootaadvocate.com%2F&domain=www.betootaadvocate.com&cw=1&pbt=1&lsw=1&gdpr=0
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0fed184c46fcbc337ae224a99364cb9ff795b5c825f642f96565dc47b08e1b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
765418
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=269&_it=prebid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6123255ebd752ae68bf7a6b608c7eab22d39f678f875727d7914880245cea05

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
816c58af39f1dfb5-SYD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
ffa8224d00f5beeb81f99ee4320499e896e07cf2dfa3690db9f0351d285bb62b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Mon, 16 Oct 2023 00:57:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		152 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&c=17227
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.186.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-186-142.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b4dbfeeadd90ab0e35d5ee417185835f74cc08635e1bfbcf9e29c44fed57a5d1

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache
x-server
10.42.3.6
access-control-allow-credentials
true
content-length
152
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame D9D9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.52.98 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-52-98.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 16 Oct 2023 00:57:12 GMT
ETag
"623de86a-cf34"
Expires
Tue, 17 Oct 2023 00:57:14 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
usync.html
eus.rubiconproject.com/ Frame E87F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:12 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
snackmedia-d.openx.net/w/1.0/ Frame AD68 		458 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ce74de0d00a75934edad3801e57874c463d031f4cb0111e927fec2ff8074d779

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
294
content-type
text/html
date
Mon, 16 Oct 2023 00:57:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
9ba7fe60f7251f35dd15a59a1d4cc5f856be473241f498f9ec0edc0b1606f99d

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1300
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 16 Oct 2023 00:57:12 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs.html
cs.seedtag.com/ Frame 1B8F 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
581
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
816c58ad3c1aa817-SYD
content-encoding
br
content-type
text/html
date
Mon, 16 Oct 2023 00:57:12 GMT
etag
W/"2ff9eb522fbbcad21bb6774305a2a0c2"
expires
Tue, 17 Oct 2023 00:57:12 GMT
last-modified
Mon, 17 Jul 2023 13:43:40 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1689601420843860
x-goog-hash
crc32c=DckRUw== md5=L/nrUi+7ytIbtndDBaKgwg==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15461
x-guploader-uploadid
ADPycdsj2bcNPOk31Tzj8udQkBY6nrW7rcv6KR7_lPk-ISnP3MfiQVDGMr3vuFX0yHi9uOom8tL27B3MJumSJaVcKyzfuw
ixmatch.html
js-sec.indexww.com/um/ Frame 68C4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
793
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
816c58ad3f1fa832-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Mon, 16 Oct 2023 04:57:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 3B21 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai2fesp1697417828663
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.16.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-16-177.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
04113df1ffb14d915c6e87aade072de6b5ae9783b26534c0d1f8190264fb6449

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:12 GMT
isyn
prebid.a-mo.net/ Frame 5A8F 		2 KB
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCs8BShd3d3cuYmV0b290YWFkdm9jYXRlLmNvbVILYWFzLTA3ZmFkNmRaCHBiYTEuMy4zahd3d3cuYmV0b290YWFkdm9jYXRlLmNvbfoBBTguNi4w6AIBiAPklLKpBqgDMeoDJDQ2YWM4MWM1LTBmYzgtNGIxMS1hNmRkLTIyMTMyNzJkNDgxZKoEA0RDSLIFA1VTRNIFCTEwNTE5OTU0NtgFAOAFAeoFB2Rlc2t0b3D6BQNzZ3CqBwN3ZWLKBxNiZXRvb3RhYWR2b2NhdGUuY29t
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
9433f59f632df52f8acc2b5eada79d9d814eaf4a7556b8b2067cbd1f765974a5

Request headers

Referer
https://www.betootaadvocate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
692
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:12 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
2
6.gif
id5-sync.com/c/441/10/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttl=%%TTL%%
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/7/3.gif?puid=5075661259466851363&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/6/4.gif?puid=6e2316d0-c22f-4adf-a705-4cae62777e14&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/112/5/5.gif?puid=CF330F8898FA48C3&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F10%2F4%2F6.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/10/4/6.gif?puid=6226166435111640801&gdpr=0&gdpr_consent=
0
0
usync.js
eus.rubiconproject.com/ Frame E87F 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82256
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
khaos.json
token.rubiconproject.com/ Frame E87F 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
usync.html
eus.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:12 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 00:57:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 3F6F 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.5.111 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-5-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 16 Oct 2023 00:57:12 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD33 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.54.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-54-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157194
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Tue, 17 Oct 2023 20:37:06 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 65B4
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
c634ffc44a7cfef297050fd5b5da23126abe7ef12f5e04f9ccb66d63972ed1e1

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:57:06 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:57:06 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
hde.tynt.com/deb/ Frame 021B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4441d80afe22505a2610228b3133b20fb8e227a60bcf2f34c61e52299ddf8fa3

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2147
content-type
text/html
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
isync
visitor.omnitagjs.com/visitor/ Frame E297 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
942ccdff9127e824951b7e783a5f2a45e01aa2eeb218d7a195c8f33713304a0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1447
content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
10
/
onetag-sys.com/usync/ Frame 3EC6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
56260e98153310a37d99e5366a5a03ca3bd1828e2c565a384aea598a0f07070b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1410
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sharethrough
s.seedtag.com/cs/cookiesync/ Frame ED26
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=373ae8a6-baf2-488c-964f-e3b797688c13&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=373ae8a6-baf2-488c-964f-e3b797688c13&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Oct 2023 00:57:13 GMT
server
openresty
via
1.1 google

Redirect headers

content-length
0
date
Mon, 16 Oct 2023 00:57:12 GMT
location
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=373ae8a6-baf2-488c-964f-e3b797688c13&gdpr=0
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame C687
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=7umE1zY5M5Mb&ev=1&us_privacy=&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=7umE1zY5M5Mb&ev=1&us_privacy=&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Oct 2023 00:57:13 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-AU
cw-server
bh-deployment-6965b64474-5vh9p
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=7umE1zY5M5Mb&ev=1&us_privacy=&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame 1B8F 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.seedtag.com%252Fcs%252Fcookiesync%252Fappnexus%253Fchanneluid%253D%2524UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=5075661259466851363
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=5075661259466851363
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
72631abc-80e2-4b8b-a935-286ea8ad1a4f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=5075661259466851363
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=2759474869957114172
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=2759474869957114172
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=2759474869957114172
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
outbrain
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&puid=&s=2&us_privacy=
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=m19d6agvBvIUqlyQe-0Y&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=m19d6agvBvIUqlyQe-0Y&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=m19d6agvBvIUqlyQe-0Y&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
110
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ttd
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
date
Mon, 16 Oct 2023 00:57:12 GMT
server
Kestrel
content-length
205
sync
x.bidswitch.net/ Frame 1B8F 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
partner
sync.search.spotxchange.com/ Frame 1B8F 		0
0
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame 1B8F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=7df2bf99-4cce-4b35-8f6d-1zz1697417826
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_ps=
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_ps=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
date
Mon, 16 Oct 2023 00:57:07 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_ps=
Date
Mon, 16 Oct 2023 00:57:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
partner
sync.search.spotxchange.com/ Frame 1B8F 		0
0
improvedigital
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=fde05a54-b1ff-4f44-b17c-d6ff99e61875
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=fde05a54-b1ff-4f44-b17c-d6ff99e61875
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=fde05a54-b1ff-4f44-b17c-d6ff99e61875
access-control-allow-origin
*
date
Mon, 16 Oct 2023 00:57:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D&s=191730&C=1
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SX5LQnRdX7VNKemnjcieCFQSMwF4R%2F2zmWBU%2FP17Bx3%2B9g4LcD2q78s1wa72NHI0FbylHXVmUkyyCDo%2Ft9I4R%2FMdzAzFzp62f%2Bktxg3NPKPvn6oMa0RWcJZtwjj4tlbbePy1znpO6kEHHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
cache-control
no-cache
cf-ray
816c58ae796aa87a-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://ups.analytics.yahoo.com/ups/58427/occ?verify=true
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-IkGBgDpE2uETaHJdE_dTXbvnLXPEf_I3nZkHLBY-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-IkGBgDpE2uETaHJdE_dTXbvnLXPEf_I3nZkHLBY-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-IkGBgDpE2uETaHJdE_dTXbvnLXPEf_I3nZkHLBY-~A
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame 1B8F 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
server
nginx
content-length
43
content-type
image/gif
sovrn
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID&sovrn_retry=true
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
openx
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=9a441546-3ed6-486e-925b-d8c09a65b6a7
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=9a441546-3ed6-486e-925b-d8c09a65b6a7
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=9a441546-3ed6-486e-925b-d8c09a65b6a7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk58226aef9f604bae87d2b1ab7a1cbac9
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk58226aef9f604bae87d2b1ab7a1cbac9
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk58226aef9f604bae87d2b1ab7a1cbac9
date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=b20ExNmGsBp9gNoCufSc&pi=seedtag&tc=1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=b20ExNmGsBp9gNoCufSc&pi=seedtag&tc=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=b20ExNmGsBp9gNoCufSc&pi=seedtag&tc=1
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT, Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame 1B8F
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUd54849fa7aa14078b94be5fe5d2e7668
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUd54849fa7aa14078b94be5fe5d2e7668
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUd54849fa7aa14078b94be5fe5d2e7668
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame ED7D 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:12 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82256
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
pxd
dps.jp.cinarra.com/ Frame AD68 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=1&USER_ID=aeafd110-f9b8-86f7-ceca-d950691af9e9
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.55.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-55-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
content-length
0
5cda2a54-77c1-eef2-f515-7df105d18b5e
pr-bh.ybp.yahoo.com/sync/openx/ Frame AD68 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/5cda2a54-77c1-eef2-f515-7df105d18b5e?gdpr=0
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.129.164 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-129-164.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
openx
cs.nex8.net/cs/ Frame AD68 		0
0
dds
rtb.openx.net/sync/ Frame AD68
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=F0vGLE7rxZUitiezKZ98rQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame AD68 		43 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
expires
-1
sd
us-u.openx.net/w/1.0/ Frame AD68
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560998159019865705&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560998159019865705&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: snackmedia-d.openx.net
URL: https://snackmedia-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://snackmedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560998159019865705&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
PugMaster
image6.pubmatic.com/AdServer/ Frame AD33 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47784842&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fe5b18d5a1533bfd1c441135aa8e4f401de5eaf3af16dd8abaadae1d66c076f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 16 Oct 2023 00:57:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame ED7D 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
jp
rtb.gumgum.com/usync/ Frame 8DE5 		2 KB
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai2fesp1697417828663
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.112.79 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-112-79.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0b1e4cdf8bdc12d82290ec2d664510181e621c3383650633696330d1c1672fd8

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 16 Oct 2023 00:57:12 GMT
etag
W/"0e704130580d9ebbe57103199edcac76e"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame 3B21
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&us_privacy=
  • https://match.justpremium.com/match/gg?jp_uid=r-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666&ex_uid=a_17a068b9-2506-452e-8528-92c1030417e1
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666&ex_uid=a_17a068b9-2506-452e-8528-92c1030417e1
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai2fesp1697417828663
Protocol
H2
Server
13.113.16.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-16-177.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666&ex_uid=a_17a068b9-2506-452e-8528-92c1030417e1
date
Mon, 16 Oct 2023 00:57:12 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-AU
bounce
ib.adnxs.com/ Frame D9D9
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
H2
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
f8dd72b5-fc2a-4428-a9db-f7acc787f717
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
an-x-request-uuid
0c988e62-53cd-4058-b788-94288656eb6e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310090101&jk=3117026828330450&bg=!-_il-LfNAAbFpEfJ5aQ7ADQBe5WfOOeQ1G-V7QYbVpnpiD0XG-a2b1s1LNLQhTy4tK5iiOwNxwrRKEpDZ8L2C0lrgBBgAgAAAD5SAAAABmgBB5kDBP0HAiA-SMh21t72jyJKIRARb7zaUmLb8JwyflarppgMarNQe47D4ogq3w7mx4Pw-x3EyKxbYLlkOjVjuThkZQIkfS6zHYfPckz9BZbgNwlQeOvgSi8qQFvbl5kTpEDsug6TSZTmgot5RlmKfRlotmlFRuhpCsJ8-Krh41T2c76J5GuYgwdmIzmb7WYvEkZlXv4nDOTsK1Wpt_KWhMRoDszfF1BnLmMjQ8qSFTLASG-8w0iNHIhlvSecmJO-M9ecQt4eAcGILdKVSsQJ-TehGcG9qSkJhV7Cdt5m1Hm_c9p4qcnRtWC9SFIC1wLWjAWLQp9Y6-FSJXZEReMRuVM1LmJmZO8AYCJZ9LPxhmefxCTfjmps4JJ2PlWYv8BYt29AYPTzJupfMa-Oty8F2DErr03rnysvVz18SfH2z4SmztlugWqTEKbUctzSKfmIF6JVXbHmwmErsu1HRDgxw04kgCwvfqRL5F62MCwzNV0a-w8XCy1FVg_IId9Hw7pvtWkQvGlqfu7Uv9hqW2VG9ex6cyVNnDQbrYda-VvUtNYs-eoIGLRJdXy_ooaOEpkrice1tjbarQTVYWANWXbpPswPFVQjrd-5N_KP-Ol2iQEoPkDaac2Rh7Jp0WnH_-OI0Oc9fScAa7vG_w9u2PsqtJXk27JEXY7lx_z-GDB600sQ5N3BXshS_SsXDY49OA8J0xA-XQvrUUjXZAtuLlKjewXoCeq5VbbQAYAhfLpEkD-i8f9OeVydTOWZOk-EjXOvPIRjmt8vxnL7_b1l5hKg0aAUZN1KhGLYmSbR7nlsUR4boccHLKr-x9om-8062vaUOLEJjT5XIDDwSltd8nPXDe_skgYZbfUzOI6TpEBlPJeY_B56l_1coKyd5O-fC1XmdKzzBo5ies7a0vFwTWdMhAD3N7W5u2IoOpV-A70C9RTrgPag20aAG8OwZZTE1MjA4NX_Eokt4TCl-dcQD-x7QR7Jj8pPfvyUnycKoGG1Pb3r6HSmuOeZWB1vIab2qRx-SB6OKoRDjPY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.betootaadvocate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
cframe.js
assets.a-mo.net/js/ Frame 5A8F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCs8BShd3d3cuYmV0b290YWFkdm9jYXRlLmNvbVILYWFzLTA3ZmFkNmRaCHBiYTEuMy4zahd3d3cuYmV0b290YWFkdm9jYXRlLmNvbfoBBTguNi4w6AIBiAPklLKpBqgDMeoDJDQ2YWM4MWM1LTBmYzgtNGIxMS1hNmRkLTIyMTMyNzJkNDgxZKoEA0RDSLIFA1VTRNIFCTEwNTE5OTU0NtgFAOAFAeoFB2Rlc2t0b3D6BQNzZ3CqBwN3ZWLKBxNiZXRvb3RhYWR2b2NhdGUuY29t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7f9289b9e9b768f4add47941d29f127d5e3343774de111f7e68a9af81e33f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 f7807c0a57cfa18eb5f00429067b5f6a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SYD1-C1
age
488
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 13 Oct 2023 17:01:58 GMT
server
cloudflare
etag
W/"d89490fe715814f9971fe560ac2c7b5c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
816c58b09feea864-SYD
x-amz-cf-id
8LtNDYiaa3a49Fg4uDyp29VgqhsOyjU18EOPwmIVtnx_GZuUIxriWg==
expires
Mon, 16 Oct 2023 01:57:13 GMT
usersync
usersync.gumgum.com/ Frame 8DE5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5639593178088201720
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5639593178088201720
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
d2ca3b48-bede-4640-9015-a58c07ae7628
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5639593178088201720
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 8DE5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=a_17a068b9-2506-452e-8528-92c1030417e1&gdpr=0&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=gumgum2
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=gumgum2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=gumgum2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync
usersync.gumgum.com/ Frame 8DE5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=3f20e860-cf78-44ed-a3b9-7be932d64751
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=3f20e860-cf78-44ed-a3b9-7be932d64751
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 16 Oct 2023 00:57:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=3f20e860-cf78-44ed-a3b9-7be932d64751
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 8DE5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168
Date
Mon, 16 Oct 2023 00:57:13 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 8DE5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-m836n.1E2pdjgPX1MOHGzV5kZ6VrRao_BU_L~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-m836n.1E2pdjgPX1MOHGzV5kZ6VrRao_BU_L~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-m836n.1E2pdjgPX1MOHGzV5kZ6VrRao_BU_L~A
content-length
0
usersync
usersync.gumgum.com/ Frame 8DE5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9b82c21a-74a1-4391-92a0-9f9bc7e04753
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9b82c21a-74a1-4391-92a0-9f9bc7e04753
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9b82c21a-74a1-4391-92a0-9f9bc7e04753
Date
Mon, 16 Oct 2023 00:57:13 GMT
Connection
keep-alive
X-CI-RTID
b4b1b9c4-810e-441f-be3b-c228719f6678
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame D31B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=6226166435111640801&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=6226166435111640801&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.112.79 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-112-79.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=6226166435111640801&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame CBE2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV
  • https://usersync.gumgum.com/usersync?b=atm&i=ZSyKaQAU38MioQBV&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZSyKaQAU38MioQBV&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 16 Oct 2023 00:57:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZSyKaQAU38MioQBV&gdpr=0&gdpr_consent=&_test=ZSyKaQAU38MioQBV
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-bfi-krnt7300061-BFI
x-timer
S1697417833.416254,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 6061 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8xN2EwNjhiOS0yNTA2LTQ1MmUtODUyOC05MmMxMDMwNDE3ZTE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E363 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.54.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-54-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157194
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Tue, 17 Oct 2023 20:37:06 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0A57
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.203.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-203-118.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 16 Oct 2023 00:57:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 16 Oct 2023 00:57:12 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
server
Kestrel
xuid
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 16 Oct 2023 00:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&dongle=0cfd&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:12 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg5MzY0NTM0MzYwNzEwMTk0NDIxOQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIkoWv_sCoF6AzEAn83hMM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIkoWv_sCoF6AzEAn83hMM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOIkoWv_sCoF6AzEAn83hMM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 36C2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg5MzY0NTM0MzYwNzEwMTk0NDIxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg5MzY0NTM0MzYwNzEwMTk0NDIxOQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjg5MzY0NTM0MzYwNzEwMTk0NDIxOQ%3D%3D
date
Mon, 16 Oct 2023 00:57:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 36C2 		0
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2893645343607101944219&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D4E1B265103D409FB2600954DDAEA9FF Ref B: SYD03EDGE0711 Ref C: 2023-10-16T00:57:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHyuL9xeh915cVfIlrdA==
xuid
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2893645343607101944219?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-eG_o_nFE2oRAZSIttKlnFxy_3tq.httag9y44dkphA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eG_o_nFE2oRAZSIttKlnFxy_3tq.httag9y44dkphA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-eG_o_nFE2oRAZSIttKlnFxy_3tq.httag9y44dkphA--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 36C2 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2893645343607101944219&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:12 GMT
last-modified
Wed, 30 Aug 2023 15:12:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2C0238EEBB624171B5AB526B93BC3813 Ref B: SYD03EDGE0908 Ref C: 2023-10-16T00:57:13Z
etag
"4b119d5f54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
sync
x.bidswitch.net/ Frame 36C2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2893645343607101944219&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1934495
content-length
0
expires
Mon, 16 Oct 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 36C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5075661259466851363&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5075661259466851363&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
e6da16bc-a202-4b1c-a185-51f27832b0df
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=5075661259466851363&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 3F6F 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.97.24 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-97-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 3F6F 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.5.111 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-5-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Sep 2023 14:59:02 GMT
Server
AkamaiNetStorage
ETag
"2e7af823a6191edd63dbc7a8121f87fb:1694531219.530885"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 3F6F 		148 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.5.111 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-5-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
14a32594b479cf64cb7525d2b3a369076e0b8b048f96bfb0222799ddd8ec949c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Sep 2023 14:59:02 GMT
Server
AkamaiNetStorage
ETag
"745875b7aa8e6449073842688e9dec51:1694531219.892985"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4013
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gd...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
7c2f1a25-067c-49d7-817f-cf5f16978207
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
12
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
16fd3f7b-63bb-4c28-b623-6070a48ad131
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=5587116499149563320&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame E297 		0
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=b4550e330d15234e4f8764af61e3bc1b
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-22.syd1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 bc447bebac6752b9d1351a9e5ee7d13a.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SYD1-C1
x-amz-cf-id
jgpavuebSI9Tkf4uakWyOLZTA_vUHJ3kiu6TEDY5H09DDJrv9VbcwQ==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=b20ExNmGsBp9gNoCufSc&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=b20ExNmGsBp9gNoCufSc&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=b20ExNmGsBp9gNoCufSc&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT, Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame E297
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adyoulike
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=adyoulike
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=adyoulike
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=6226166435111640801&ssp=adyoulike
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
visitor.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&name=THE_TRADE_DESK
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&name=THE_TRADE_DESK
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
319
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De770...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=204610120d167e27a256941f5f293d02&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=204610120d167e27a256941f5f293d02&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
33
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=204610120d167e27a256941f5f293d02&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
816c58b0c975a80e-SYD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
aul
match.prod.bidr.io/cookie-sync/ Frame E297
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
52.195.78.103 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-78-103.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=VCys-l-RAZ9kUgc8b9US&gdpr=0&gdpr_consent=&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=VCys-l-RAZ9kUgc8b9US&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=VCys-l-RAZ9kUgc8b9US&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
225
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=fd13e023-64bf-44ea-b5cf-ccb761b67e78%20&gdpr_consent=null&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=fd13e023-64bf-44ea-b5cf-ccb761b67e78%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=fd13e023-64bf-44ea-b5cf-ccb761b67e78 &gdpr_consent=null&gdpr=0
date
Mon, 16 Oct 2023 00:57:13 GMT
server
_
content-length
0
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
13
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09af220400e5db26fc5a9bbe&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09af220400e5db26fc5a9bbe&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09af220400e5db26fc5a9bbe&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Mon, 16 Oct 2023 00:57:13 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f$ip$66.203.112.168&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Mon, 16 Oct 2023 00:57:13 GMT
Connection
keep-alive
Content-Length
220
Content-Type
text/html; charset=utf-8
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNT...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=574ddaf9-ee0c-4886-baae-c3a5fda8fb00&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=574ddaf9-ee0c-4886-baae-c3a5fda8fb00&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=574ddaf9-ee0c-4886-baae-c3a5fda8fb00&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=be258935-74d9-5421-bf81-3ac2daadb0ab&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=be258935-74d9-5421-bf81-3ac2daadb0ab&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=be258935-74d9-5421-bf81-3ac2daadb0ab&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
ap.lijit.com/ Frame E297 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Oct 2023 00:57:13 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45...
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=68e8858b45a741eda0255d861458facf&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=68e8858b45a741eda0255d861458facf&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=68e8858b45a741eda0255d861458facf&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor.omnitagjs.com/visitor/ Frame E297
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=ae692575-cb43-40cd-8383-cc19d0721a79&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=ae692575-cb43-40cd-8383-cc19d0721a79&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

x-servername
track003-sjc
pragma
no-cache
date
Mon, 16 Oct 2023 00:56:39 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=ae692575-cb43-40cd-8383-cc19d0721a79&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame E297 		42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usync.html
eus.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:13 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:13 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:13 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 3BB1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
3c0ff616c4a4ba55ac39879cf07c33751bb4f794e56314d63a92e55cda47802a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1435
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D2A6 		899 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
565242a8db7c60f6e17b44e7e38f6ea5c14f1e217a1e69fb869316a5d80b854e

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
899
content-type
text/html
date
Mon, 16 Oct 2023 00:57:12 GMT
usync.js
eus.rubiconproject.com/ Frame 2B01 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82255
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
usync.js
eus.rubiconproject.com/ Frame 5676 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82255
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
usync.js
eus.rubiconproject.com/ Frame 1144 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82255
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
khaos.json
token.rubiconproject.com/ Frame 2B01 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
khaos.json
token.rubiconproject.com/ Frame 5676 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
khaos.json
token.rubiconproject.com/ Frame 1144 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
idl.js
assets.a-mo.net/js/ Frame 5A8F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.betootaadvocate.com&e=27&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 53c1b15bee05a74bbf23a945358028ec.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SYD1-C1
age
543
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Jun 2023 16:12:52 GMT
server
cloudflare
etag
W/"a61ed4db59070cd66af981cbd85859ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
816c58b1d8b9a864-SYD
x-amz-cf-id
A_AH8EEOlcxBV7Wy8hbost2yoS_uLukLcdZTO3r3paatiC5Rq_1NiQ==
expires
Mon, 16 Oct 2023 01:57:13 GMT
b
c3.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://id.a-mx.com/sync?tao=1&&do=www.betootaadvocate.com
  • https://c3.a-mo.net/b?uid=304ba9dd-8088-449f-a309-2668b930a50a&sh=id.a-mx.com&
0
0
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_privacy=1---
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=fafbc36c-fc76-42d0-9db7-6e7009269545&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 5A8F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A&gdpr=0
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A&gdpr=0
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A&gdpr=0
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 5A8F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0&us_privacy=1---
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://id.a-mx.net/u?&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=amx_com&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=amx_com&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=amx_com&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
date
Mon, 16 Oct 2023 00:57:14 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=openx&uid=f1c3c3df-5ef2-4f52-af4e-ab117bdd849a
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=openx&uid=f1c3c3df-5ef2-4f52-af4e-ab117bdd849a
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=openx&uid=f1c3c3df-5ef2-4f52-af4e-ab117bdd849a
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
cookie
cm.adform.net/ Frame 5A8F 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dadform%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bid...
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=smartadserver&uid=2759474869957114172
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=smartadserver&uid=2759474869957114172
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=smartadserver&uid=2759474869957114172
date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dpubmatic%26uid%3D9E45E727-AF28-4517-B...
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=pubmatic&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=pubmatic&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=pubmatic&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dindex_rtb%2...
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=index_rtb&uid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=index_rtb&uid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCd%2FQZXq4JzZBW6nIh6Drwa%2Bz8pednaGw3ODcE9AKVpk2M8DULirAOiGv1HePjRWQeigT2BukqaAI7S3YmDi86LvQPpq1miSVDNvr%2BnIFfhMaZMNLEQ%2BIicmpVL6WGw3JsYpxySA"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=index_rtb&uid=ZSyKaFaZJ5uzO69AjJMJsgAA%264689
cache-control
no-cache
cf-ray
816c58b1ebe5a87a-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=sovrn&uid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=sovrn&uid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=sovrn&uid=Hfi5BLZH3VP7iV2ZSI6qy0Rc
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 5A8F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=appnexus&uid=5075661259466851363
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=appnexus&uid=5075661259466851363
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
2fbca013-ffa2-4fa0-a236-0704cabeae56
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&bidder=appnexus&uid=5075661259466851363
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 5A8F 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&do=www.betootaadvocate.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
72bcb7b9-68b4-4961-a59a-a1815b63c558
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 5A8F 		86 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&do=www.betootaadvocate.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.77 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:10 GMT
Content-Length
86
Content-Type
image/png
setuid
prebid-server.rubiconproject.com/ Frame 5A8F 		86 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b&do=www.betootaadvocate.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
81e08b36-ac42-4cf8-8677-3b491876beae
https://prebid.a-mo.net/ Frame 5A8F 		184 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/81e08b36-ac42-4cf8-8677-3b491876beae
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7a78545b22f0d63e605a66b029a8e5a156d32938e8c4dd2fb756cf1b1663052

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length
184
Content-Type
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a70ba31dc15edb10ee1acd1a95b433145489b893f320bd0b7a070acd3be054d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame ED7D
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr_consent=undefined&gdpr=0&khaos=LNS6QZEW-1Z-4NR7
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0&gdpr_consent=undefined
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0&gdpr_consent=undefined
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame D2A6 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=3002630251532073220&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
12
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame D2A6
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MzAwMjYzMDI1MTUzMjA3MzIyMA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBi5uYgTo2tfEyf77gUW3wE&gdpr=0&gdpr_consent=&google_cver=1
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBi5uYgTo2tfEyf77gUW3wE&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBi5uYgTo2tfEyf77gUW3wE&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D2A6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
299
dcm
aax-eu.amazon-adsystem.com/s/ Frame D2A6
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=3002630251532073220&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=3002630251532073220&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=3002630251532073220&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.95.126.138 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
85P87Q905NTJFTE2DAQ6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GZQD0WYP9P5XHXN9EADH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=3002630251532073220&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D2A6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7290354084683184273&gdpr=0&gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7290354084683184273&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7290354084683184273&gdpr=0&gdpr_consent=
Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=5352652c-8a6a-4600-9e0a-93ce9ab9580d&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=5352652c-8a6a-4600-9e0a-93ce9ab9580d&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
MT3 1075 283b7e3 master hkg hkg-pixel-x20 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=5352652c-8a6a-4600-9e0a-93ce9ab9580d&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 Oct 2023 00:57:13 GMT
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LNS6QZEW-1Z-4NR7&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5075661259466851363
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5075661259466851363
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
6ad1ac8b-5bea-40bf-b80a-88d528c79d06
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5075661259466851363
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1697417833670050-68
Expires
Mon, 16 Oct 2023 00:57:13 GMT
tap.php
pixel.rubiconproject.com/ Frame 3BB1 		42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=op2ZP-qTHmiQN0dAs2JJNtiMXUyCqV0Gt7z_oYB1n6g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3BB1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rSUQQENIvjQs_tVm9-mt7RA9tTZFJA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rSUQQENIvjQs_tVm9-mt7RA9tTZFJA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rSUQQENIvjQs_tVm9-mt7RA9tTZFJA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3002630251532073220
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3002630251532073220
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3002630251532073220
date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3BB1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
465CDHRJKQ1GV8J3B6H9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=9E45E727-AF28-4517-B26A-2859989D7BB5
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-VcMBv8JE2uH58AY5Y3p0kC97OxEGqABhIF5H2s8-~A
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 3BB1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 3BB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-uOjoH35E2pkPqxKnRHNFwnYjeKUz0yJbAVJlKw--~A&expires=5&ssp=onetag
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-uOjoH35E2pkPqxKnRHNFwnYjeKUz0yJbAVJlKw--~A&expires=5&ssp=onetag
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-uOjoH35E2pkPqxKnRHNFwnYjeKUz0yJbAVJlKw--~A&expires=5&ssp=onetag
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 3BB1 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=op2ZP-qTHmiQN0dAs2JJNtiMXUyCqV0Gt7z_oYB1n6g
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
12
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
pixel
cm.g.doubleclick.net/ Frame 3EC6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rTbyPRt08kL5kSe1CL8Ulqis2Zmxuw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rTbyPRt08kL5kSe1CL8Ulqis2Zmxuw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABizX8rTbyPRt08kL5kSe1CL8Ulqis2Zmxuw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 3EC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESELegwVVuKIaeUU4OerqJc3w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 3EC6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=6e96652c-8a6a-4e00-849f-8a5a8f6dd671&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=6e96652c-8a6a-4e00-849f-8a5a8f6dd671&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
MT3 1075 283b7e3 master hkg hkg-pixel-x20 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=6e96652c-8a6a-4e00-849f-8a5a8f6dd671&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 16 Oct 2023 00:57:13 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3EC6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 3EC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5075661259466851363
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5075661259466851363
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
a3589dca-6114-4328-919e-1776fbe893c3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5075661259466851363
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 3EC6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=2a42fc2648946ae13c8b7b03ac4f4&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1697417833664028-45
Expires
Mon, 16 Oct 2023 00:57:13 GMT
tap.php
pixel.rubiconproject.com/ Frame 3EC6 		42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 3EC6 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3EC6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WA1KJVNJ501YZ9S4WA8C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 3EC6 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.79 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:12 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 3EC6 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 3EC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.79.152.76 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 3EC6 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
onetag
s.seedtag.com/cs/cookiesync/ Frame 3EC6 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/onetag?a=3&channeluid=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
tap.php
pixel.rubiconproject.com/ Frame E87F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/2T5HtHFdBrEOpZC-qBVXw8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tWvhw0FE2oLl4hKigIrwWc5RoXCvLYCLT9Zj8A--~A
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tWvhw0FE2oLl4hKigIrwWc5RoXCvLYCLT9Zj8A--~A
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tWvhw0FE2oLl4hKigIrwWc5RoXCvLYCLT9Zj8A--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E87F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=81x1iVRkR567ZWN9umV_vg&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=81x1iVRkR567ZWN9umV_vg&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame E87F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=&expires=30
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
289
setuid
px.ads.linkedin.com/ Frame E87F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNS6QZEW-1Z-4NR7&gdpr=0
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNS6QZEW-1Z-4NR7&gdpr=0
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3BF2411B3F154AC48774D7EBF0A5AC38 Ref B: SYD03EDGE0711 Ref C: 2023-10-16T00:57:14Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYHyuMJk1QN7PhWalC/XA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNS6QZEW-1Z-4NR7&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E87F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEKgW7JcafHzelZQ9OucNrfM&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEKgW7JcafHzelZQ9OucNrfM&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEKgW7JcafHzelZQ9OucNrfM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E87F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5TNlFaRVctMVotNE5SNw==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEBt8N7qYYVC50_9fFRgd3SU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TNlFaRVctMVotNE5SNw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TNlFaRVctMVotNE5SNw==&google_push=&gdpr=0
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5TNlFaRVctMVotNE5SNw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
pixel
cm.g.doubleclick.net/ Frame E87F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGY2MWZhOTYxZmI5MWVkNjRhM2NiMDc5YTFiYjVkNjhhNDJhZGE2Mw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGY2MWZhOTYxZmI5MWVkNjRhM2NiMDc5YTFiYjVkNjhhNDJhZGE2Mw&gdpr=0
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGY2MWZhOTYxZmI5MWVkNjRhM2NiMDc5YTFiYjVkNjhhNDJhZGE2Mw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
pixel.rubiconproject.com/ Frame E87F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UBV5rjIrQS20FnhK_XWURg&rk=usync-other&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame E87F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAH_G07KWRUAABjUly_Eag&expires=30&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAH_G07KWRUAABjUly_Eag&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAH_G07KWRUAABjUly_Eag&expires=30&gdpr=0
Date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame E87F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Protocol
H2
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
an-x-request-uuid
ab401c78-55ee-40df-9cf1-a8480a17d5f5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame E87F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNS6QZEW-1Z-4NR7&gdpr=0
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNS6QZEW-1Z-4NR7&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNS6QZEW-1Z-4NR7&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync
hb.yahoo.net/ Frame E87F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNS6QZEW-1Z-4NR7&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNS6QZEW-1Z-4NR7&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1LVmE2cjM5RTJ1SEFDcDRKTXJ1MGl2d2szRk1EVllCb35B&gdpr=0&ovsid=LNS6QZEW-1Z-4NR7&dpid=58160
53 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1LVmE2cjM5RTJ1SEFDcDRKTXJ1MGl2d2szRk1EVllCb35B&gdpr=0&ovsid=LNS6QZEW-1Z-4NR7&dpid=58160
Protocol
H2
Server
23.206.242.194 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 16 Oct 2023 00:57:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 16 Oct 2023 00:57:14 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1LVmE2cjM5RTJ1SEFDcDRKTXJ1MGl2d2szRk1EVllCb35B&gdpr=0&ovsid=LNS6QZEW-1Z-4NR7&dpid=58160
date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
liveCS.php
live.primis.tech/live/ Frame E87F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNS6QZEW-1Z-4NR7&gdpr=0
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNS6QZEW-1Z-4NR7&gdpr=0
Protocol
H2
Server
13.227.254.114 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
via
1.1 58b09a46630ea2f6a75154a66e58b2e6.cloudfront.net (CloudFront)
server
CloudFront
x-amzn-waf-action
challenge
x-amz-cf-pop
SIN52-C3
x-cache
Error from cloudfront
content-type
text/html; charset=UTF-8
cache-control
no-store, max-age=0
content-length
0
x-amz-cf-id
pq_FVJwhHvOeRwNh7hg4aIbIao4ADq_TqMa6y1r9_ghKW9hzYCeTSw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E87F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9b82c21a-74a1-4391-92a0-9f9bc7e04753&expires=30&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9b82c21a-74a1-4391-92a0-9f9bc7e04753&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=9b82c21a-74a1-4391-92a0-9f9bc7e04753&expires=30&gdpr=0
Date
Mon, 16 Oct 2023 00:57:14 GMT
Connection
keep-alive
X-CI-RTID
4134717e-42c2-452a-b26c-798ec5b7ebfd
Content-Length
155
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame E87F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNS6QZEW-1Z-4NR7&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNS6QZEW-1Z-4NR7&gdpr=0
Protocol
H2
Server
52.76.54.83 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-54-83.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame E87F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5AB6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5075661259466851363&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5075661259466851363&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9313e051-8362-4a67-9a3a-8da615d3a554
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5075661259466851363&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2
b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/ Frame 8AF8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://b1sync.zemanta.com/usersync/pubmatic/?gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s=2
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid%3A%24UID&s...
  • https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
19 B
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Content-Length
19
Content-Type
text/plain; charset=utf-8
Date
Mon, 16 Oct 2023 00:57:14 GMT
X-Content-Type-Options
nosniff

Redirect headers

Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Oct 2023 00:57:14 GMT
Location
/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
sync
x.bidswitch.net/ Frame 5B5D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=44790866-dd20-4469-8d09-f89c9ae04cd0&user_group=1&ssp=pubmatic&bsw_param=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=44790866-dd20-4469-8d09-f89c9ae04cd0&user_group=1&ssp=pubmatic&bsw_param=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 Oct 2023 00:57:15 GMT
Server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 16 Oct 2023 00:57:15 GMT
Location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=44790866-dd20-4469-8d09-f89c9ae04cd0&user_group=1&ssp=pubmatic&bsw_param=337a7f7f-c354-4fcb-8a7c-c60c9e8d74e2
Pug
image2.pubmatic.com/AdServer/ Frame 0B92
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Z6paO_KrT76m_464862b-6fqTP6k_1tsprG0fNL
42 B
564 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Z6paO_KrT76m_464862b-6fqTP6k_1tsprG0fNL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 15 Oct 2023 19:52:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4Z6paO_KrT76m_464862b-6fqTP6k_1tsprG0fNL
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 77E5 		85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 16 Oct 2023 00:57:13 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300061-BFI
x-timer
S1697417834.731242,VS0,VE127
Pug
simage2.pubmatic.com/AdServer/ Frame 2D61
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11ywn99vl3i9
1 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11ywn99vl3i9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:28:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11ywn99vl3i9
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
simage2.pubmatic.com/AdServer/ Frame 4D9F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Mon, 16 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
945697
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 069E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tXQeOi-xUOp_0K2qRUtLH0LLcKg&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tXQeOi-xUOp_0K2qRUtLH0LLcKg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Oct 2023 00:57:13 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tXQeOi-xUOp_0K2qRUtLH0LLcKg&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5750 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 71BE
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6d49e37b47ef4ce682ae4c899b2837a1
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6d49e37b47ef4ce682ae4c899b2837a1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6d49e37b47ef4ce682ae4c899b2837a1
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 852E
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DBgRVvPXALSrlgixaoosZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DBgRVvPXALSrlgixaoosZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:26:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DBgRVvPXALSrlgixaoosZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame BA5C 		43 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 09F8
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67353db210bd4cbbacad50ba25c7524c
42 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67353db210bd4cbbacad50ba25c7524c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Mon, 16 Oct 2023 00:57:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67353db210bd4cbbacad50ba25c7524c
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 1CC2 		0
0
pxd
dps.jp.cinarra.com/ Frame DD2A 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=9E45E727-AF28-4517-B26A-2859989D7BB5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.206.55.56 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-206-55-56.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
i.match
s.tribalfusion.com/z/ Frame 055B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
816c58b80f80aae3-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
816c58b6febbaae3-SYD
content-type
text/html
date
Mon, 16 Oct 2023 00:57:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
319
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame EB5B
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f221f5f4-6bbe-11ee-8bf8-6fd23714c75b
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
49 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Mon, 16 Oct 2023 00:57:15 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
8

Redirect headers

cache-control
private,max-age=86400
content-length
220
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:15 GMT
location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookiesync
core.iprom.net/ Frame 836B 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 16 Oct 2023 00:57:14 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-2cea9099e22e@version_1.573
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 0514
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:57:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
141
match.deepintent.com/usersync/ Frame 8C51 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
server
b
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 7CF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=9E45E727-AF28-4517-B26A-2859989D7BB5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Oct 2023 00:57:14 GMT
server
openresty
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nkXnJ68oRReyaihZmJ17tQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
104.74.54.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-54-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=157193
accept-ranges
bytes
content-length
5606
expires
Tue, 17 Oct 2023 20:37:06 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame AD33
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=9E45E727-AF28-4517-B26A-2859989D7BB5
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=9E45E727-AF28-4517-B26A-2859989D7BB5
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6e2316d0-c22f-4adf-a705-4cae62777e14%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=6e2316d0-c22f-4adf-a705-4cae62777e14%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=6e2316d0-c22f-4adf-a705-4cae62777e14%2C%2C
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&ttd_puid=6e2316d0-c22f-4adf-a705-4cae62777e14%2C%2C
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame AD33 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.186.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-186-142.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.2.131
content-length
49
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame AD33
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9E45E727-AF28-4517-B26A-2859989D7BB5&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9E45E727-AF28-4517-B26A-2859989D7BB5&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9E45E727-AF28-4517-B26A-2859989D7BB5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
119.9.108.211 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:58:06 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:58:06 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=9E45E727-AF28-4517-B26A-2859989D7BB5&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUU0NUU3MjctQUYyOC00NTE3LUIyNkEtMjg1OTk4OUQ3QkI1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
207.65.33.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG--y6T2UAeB4g5w6K5sf3w&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG--y6T2UAeB4g5w6K5sf3w&google_cver=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
207.65.33.82 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:40:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG--y6T2UAeB4g5w6K5sf3w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AD33 		43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.142.175.23 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
23.175.142.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 15 Oct 2023 00:57:13 GMT
9E45E727-AF28-4517-B26A-2859989D7BB5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AD33 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/9E45E727-AF28-4517-B26A-2859989D7BB5?gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.129.164 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-129-164.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8d71d56-3008-45a7-be15-ac3dbb11b4d9&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:13 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9E45E727-AF28-4517-B26A-2859989D7BB5&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k63lEyRE2uWeRBhLhPbxTYxy961Fgsk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k63lEyRE2uWeRBhLhPbxTYxy961Fgsk-~A&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-k63lEyRE2uWeRBhLhPbxTYxy961Fgsk-~A&gdpr=0
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6226166435111640801
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6226166435111640801
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6226166435111640801
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
visitor-us-west-2.omnitagjs.com/visitor/ Frame AD33
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3705113347095721577&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
11
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-us-west-2.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6c76a1af9cc01ef5&is_secure=true&networkId=17100&version=1&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMG2nJRbAXoQM2lFBhAAAAAAA&expiration=1697504235&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&...
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMG2nJRbAXoQM2lFBhAAAAAAA&expiration=1697504235&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMG2nJRbAXoQM2lFBhAAAAAAA&expiration=1697504235&nuid=9E45E727-AF28-4517-B26A-2859989D7BB5&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame AD33
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5075661259466851363
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5075661259466851363
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
32c3951f-e77d-4701-b2db-ca7f8f49af65
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5075661259466851363
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame ED7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LNS6QZEW-1Z-4NR7&gdpr=0
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
209.191.163.152 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3415b3bb-e415-40cd-af3f-c60ad2f4b03a&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
641809
content-length
0
expires
Mon, 16 Oct 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b694090f-4937-4db7-95da-f1454aaad387
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b694090f-4937-4db7-95da-f1454aaad387
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
track004-sjc
pragma
no-cache
date
Mon, 16 Oct 2023 00:56:39 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=b694090f-4937-4db7-95da-f1454aaad387
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=tXQeOi-xUOp_0K2qRUtLH0LLcKg
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=tXQeOi-xUOp_0K2qRUtLH0LLcKg
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=tXQeOi-xUOp_0K2qRUtLH0LLcKg
Date
Mon, 16 Oct 2023 00:57:14 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6226166435111640801
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6226166435111640801
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6226166435111640801
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame ED7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3488940564981937769&expires=60&gdpr=0&gdpr_consent=
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3488940564981937769&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3488940564981937769&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=5075661259466851363&expires=30&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=5075661259466851363&expires=30&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
an-x-request-uuid
f517fd14-07ed-4694-a51f-f9cb1bf3e7b9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=5075661259466851363&expires=30&gdpr=0
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
RX-6d4b7bf1-520e-43cf-a3c2-bf13bb54a30e-004
sync.targeting.unrulymedia.com/csync/ Frame ED7D
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1697417834437
  • https://ad.turn.com/r/cs?pid=45&rndcb=1092031672
  • https://sync.1rx.io/usersync/turn/3705113347095721577?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-6d4b7bf1-520e-43cf-a3c2-bf13bb54a30e-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-6d4b7bf1-520e-43...
0
0
esync
token.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://id.rlcdn.com/709414.gif?gdpr=0
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame ED7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNS6QZEW-1Z-4NR7&obUid=&initiator=&gdpr=0
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNS6QZEW-1Z-4NR7&obUid=&initiator=&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
HTTP/1.1
Server
38.133.127.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:15 GMT
Cache-Control
no-cache
X-TraceId
62c43d70e31c6edc39f174f62cca48c8
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNS6QZEW-1Z-4NR7&obUid=&initiator=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame ED7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
60909
i.liadm.com/s/ Frame ED7D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096&gdpr=0
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNS6QZEW-1Z-4NR7&gdpr=0
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNS6QZEW-1Z-4NR7&gdpr=0&_li_chk=true&previous_uuid=180c32eafa39415eacf52037bed0a08e
0
0
tap.php
pixel.rubiconproject.com/ Frame ED7D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=1e0db7e7-cd9a-4325-9a13-ebe3f8d0cf7a-652c8a6a-5553&expires=360&gdpr=0&gdpr_consent=
0
0
LNS6QZEW-1Z-4NR7
sync.1rx.io/usersync/rubicon/ Frame ED7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0
  • https://sync.1rx.io/usersync/rubicon/LNS6QZEW-1Z-4NR7?gdpr=0
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame ED7D 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 2B01
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LNS6QZEW-1Z-4NR7
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
52.25.216.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-216-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
5
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNS6QZEW-1Z-4NR7&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 2B01
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LNS6QZEW-1Z-4NR7&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LNS6QZEW-1Z-4NR7&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X96YX4XF4M7ANYPX4DBA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LNS6QZEW-1Z-4NR7&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
match
events-ssc.33across.com/ Frame 2B01
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LNS6QZEW-1Z-4NR7&gdpr=0
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417834&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
setuid
s2s.t13.io/ Frame 2B01
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
86 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
34.107.140.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
143
match.deepintent.com/usersync/ Frame 2B01 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143?gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
server
b
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZSyKaQAU38MioQBV&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZSyKaQAU38MioQBV&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-bfi-krnt7300061-BFI
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697417834.896811,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZSyKaQAU38MioQBV&gdpr=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
  • https://cm.adgrx.com/bridge.gif?AG_PID=rubicon&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=f221f5f4-6bbe-11ee-8bf8-6fd23714c75b&expires=60
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=f221f5f4-6bbe-11ee-8bf8-6fd23714c75b&expires=60
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
server
Cowboy
content-type
image/gif
location
https://pixel.rubiconproject.com/tap.php?v=144054&nid=4032&put=f221f5f4-6bbe-11ee-8bf8-6fd23714c75b&expires=60
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
aws-apsoutheast1a-delivery-1
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8DA2511EED2D4652A27AF3DF5C0B52B8&expires=365
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8DA2511EED2D4652A27AF3DF5C0B52B8&expires=365
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8DA2511EED2D4652A27AF3DF5C0B52B8&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 15 Oct 2023 00:57:13 GMT
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=4d846da295652127&is_secure=true&networkId=12783&version=1&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMOZx9wIonbAMwNdZ1AAAAAAA&expiration=1697504235&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
0
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame 2B01 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ads.yieldmo.com/ Frame 2B01
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LNS6QZEW-1Z-4NR7&gdpr=0
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
18.143.217.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7290354084688492701&expires=730&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7290354084688492701&expires=730&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7290354084688492701&expires=730&gdpr=0
Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
i.match
a.tribalfusion.com/ Frame 2B01 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
816c58b87fc9aae3-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=7umE1zY5M5Mb&ev=1&pid=560687&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=7umE1zY5M5Mb&ev=1&pid=560687&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-AU
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=7umE1zY5M5Mb&ev=1&pid=560687&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6965b64474-5vh9p
expires
-1
sync
usr.undertone.com/userPixel/ Frame 2B01
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
13.35.147.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
content-length
0
x-amz-cf-id
X-wrtk1xw5y7tkHPJh18OBs46sYfMwPlB-pd--fHC1PBkshRjYMHjQ==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=840801861850&expires=30&us_privacy=1---
0
0
tap.php
pixel.rubiconproject.com/ Frame 2B01
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=VCys-l-RAZ9kUgc8b9US&gdpr=0
0
0
usync.html
eus.rubiconproject.com/ Frame 91BE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:13 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D7CF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1697417833804.4&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.74.54.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-54-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157192
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 16 Oct 2023 00:57:14 GMT
expires
Tue, 17 Oct 2023 20:37:06 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP001
x-33x-status
40000000008200000A
cm
us-u.openx.net/w/1.0/ Frame FBE5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1697417833804.6&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7ce3557eacebff06b6dab13629d491c9e92e47f6d240e3c4a5762d188d203f2e

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
588
content-type
text/html
date
Mon, 16 Oct 2023 00:57:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 16 Oct 2023 00:57:13 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
33across
s.seedtag.com/cs/cookiesync/ Frame 021B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1697417833804.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERI...
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212308014644721
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212308014644721
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212308014644721
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
x.bidswitch.net/ Frame 021B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
events-ssc.33across.com/ Frame 021B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=bb1c7c1a-c3d1-4194-bfcf-76e9022f8f84-652c8a6a-5553&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 021B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1697417833804.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=5075661259466851363
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=5075661259466851363
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
an-x-request-uuid
92cc8d2f-45df-4806-9858-eaaa0866b079
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=5075661259466851363
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 5676
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme&gdpr=0
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LNS6QZEW-1Z-4NR7&gdpr=0
0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1441&vt=&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
35.214.206.1 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
1.206.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
server
_

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://csync.loopme.me/?partner_id=1441&vt=&uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=7iGuQ-B1qhX1JPkR7HGxROEgrhj1LPpGvSXX96pb
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=7iGuQ-B1qhX1JPkR7HGxROEgrhj1LPpGvSXX96pb
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=7iGuQ-B1qhX1JPkR7HGxROEgrhj1LPpGvSXX96pb
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E330_10A9DAD81_5EB5A8BA&expires=60
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E330_10A9DAD81_5EB5A8BA&expires=60
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E330_10A9DAD81_5EB5A8BA&expires=60
Date
Mon, 16 Oct 2023 00:57:13 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-380422634; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
227
Content-Type
text/html; charset=utf-8
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame 5676
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon&gdpr=0
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNS6QZEW-1Z-4NR7&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=3a97b8bb-7a92-47f1-9734-ecd265fe6a16
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=3a97b8bb-7a92-47f1-9734-ecd265fe6a16
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=0&gdpr_consent=&put=3a97b8bb-7a92-47f1-9734-ecd265fe6a16
Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=87&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=3002630251532073220&gdpr=0&gdpr_consent=
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=3002630251532073220&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=3002630251532073220&gdpr=0&gdpr_consent=
date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
info2
uipglob.semasio.net/magnite/1/ Frame 5676
Redirect Chain
  • https://token.rubiconproject.com/token?pid=10362&gdpr=0
  • https://uipglob.semasio.net/magnite/1/info?sType=sync&sExtCookieId=LNS6QZEW-1Z-4NR7&sInitiator=external&gdpr=0
  • https://uipglob.semasio.net/magnite/1/info2?sType=sync&sExtCookieId=LNS6QZEW-1Z-4NR7&sInitiator=external&gdpr=0
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/magnite/1/info2?sType=sync&sExtCookieId=LNS6QZEW-1Z-4NR7&sInitiator=external&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
119.9.108.211 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:58:06 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:58:06 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/magnite/1/info2?sType=sync&sExtCookieId=LNS6QZEW-1Z-4NR7&sInitiator=external&gdpr=0
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://dmp.brand-display.com/cm/api/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3b404e16-eb90-c4fb-ceb78677
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3b404e16-eb90-c4fb-ceb78677
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3b404e16-eb90-c4fb-ceb78677
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=64&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1977432094398873212&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1977432094398873212&expires=30
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1977432094398873212&expires=30
Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fgvyAkL81QSbV05&expires=30&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fgvyAkL81QSbV05&expires=30&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-015e06b625cd64536@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=fgvyAkL81QSbV05&expires=30&gdpr=0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://onetag-sys.com/match/?int_id=4&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 5676
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0&ckls=true&ci=DdpYjnmhnY&nc=false&trid=585988045
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0&ckls=true&ci=DdpYjnmhnY&nc=false&trid=585988045
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
13.35.147.78 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
4kFyKtbXdMGp5OdaBSYGhwLib8GgoYDpa2U3nkcKV8YX8KNxSxo6BQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
via
1.1 b7d2e60db967a855c811c683a85c3286.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=54&gdpr=0&ckls=true&ci=DdpYjnmhnY&nc=false&trid=585988045
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
ScGEbEfG5XvhjrzqolWRUA-Mx_hVGY_dRyUtLGOErDq4n1i9VDGDxQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncRubicon
rtb.adentifi.com/ Frame 5676 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncRubicon?gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.39.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09af220400e5db26fc5a9bbe&expires=1&gdpr=0
0
0
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=5075661259466851363&gdpr=0
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=5075661259466851363&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
an-x-request-uuid
859d0bfe-9e03-479f-95ec-21c38e9570db
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=5075661259466851363&gdpr=0
x-proxy-origin
66.203.112.168; 66.203.112.168; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5676
Redirect Chain
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=ebc6c393-0304-4072-8c5a-fa3930f64547&expires=30
0
0
cms-2c-rubicon.html
cti.w55c.net/ct/ Frame 2C95 		52 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-89.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eus.rubiconproject.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
290519
cache-control
must-revalidate
content-encoding
gzip
content-type
text/html
date
Thu, 12 Oct 2023 16:15:16 GMT
etag
W/"7549d51888f0142460ac70be66758bc9"
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 7a7cbcc9a496cf341e54c90ad14e02d4.cloudfront.net (CloudFront)
x-amz-cf-id
KnTumoIHKxcaJFwt7BiHSn1TleHTAZjd3uNpCMLgjiRwDhEeXBtyrg==
x-amz-cf-pop
SYD1-C1
x-amz-replication-status
COMPLETED
x-amz-version-id
eM8rKv5bLrMqGrCvH619GCOhuiLqCbex
x-cache
Hit from cloudfront
usync.js
eus.rubiconproject.com/ Frame 91BE 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82255
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
khaos.json
token.rubiconproject.com/ Frame 91BE 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LNS6QZEW-1Z-4NR7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
/
track.adform.net/Serving/Cookie/ Frame 65B4 		92 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ecbf82909db5e4cddbc9ed6d0d619b60977d45a5826b0a6505aa9e99a7939000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
201
expires
-1
usync.html
eus.rubiconproject.com/ Frame 5704
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 16 Oct 2023 00:57:14 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 16 Oct 2023 00:57:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
richaudience&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 65B4 		29 B
29 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.78.103 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-78-103.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
5e270cc0c5a4d0571518dbdf4c5f347fdc16b43cdc920837de0e7bd422607ea7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
29
content-type
text/plain
/
sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/ Frame 65B4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
date
Mon, 16 Oct 2023 00:57:07 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=b8d71d56-3008-45a7-be15-ac3dbb11b4d9
date
Mon, 16 Oct 2023 00:57:14 GMT
server
Kestrel
content-length
239
token
token.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D&gdpr=0
  • https://token.rubiconproject.com/token?pid=35912&puid=cb0b652c-8a6a-4600-8932-9fbe59d63588&gdpr=0&gdpr_consent=
0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=35912&puid=cb0b652c-8a6a-4600-8932-9fbe59d63588&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
MT3 1075 283b7e3 master nrt nrt-pixel-x24 config_version:"1969"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://token.rubiconproject.com/token?pid=35912&puid=cb0b652c-8a6a-4600-8932-9fbe59d63588&gdpr=0&gdpr_consent=
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 16 Oct 2023 00:57:13 GMT
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
0
0
sync
x.bidswitch.net/ Frame 1144
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rubicon&gdpr=0
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=rubicon&bsw_custom_parameter=fafbc36c-fc76-42d0-9db7-6e7009269545
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=rubicon&bsw_param=fafbc36c-fc76-42d0-9db7-6e7009269545
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=rubicon&bsw_param=fafbc36c-fc76-42d0-9db7-6e7009269545
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=&ssp=rubicon&bsw_param=fafbc36c-fc76-42d0-9db7-6e7009269545
Date
Mon, 16 Oct 2023 00:57:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=3002630251532073220
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=3002630251532073220
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=3002630251532073220
date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
pixel
beacon.lynx.cognitivlabs.com/ Frame 1144
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/rb.gif?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=a5ee2239-da7c-41c9-8d8d-ffc9e842d948&expires=365&next=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Drubi...
  • https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0
0
0
9.gif
id5-sync.com/i/175/ Frame 1144 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/175/9.gif?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
6123
stags.bluekai.com/site/ Frame 1144
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=3&gdpr=0
  • https://stags.bluekai.com/site/6123?id=LNS6QZEW-1Z-4NR7&limit=1&gdpr=0
62 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/6123?id=LNS6QZEW-1Z-4NR7&limit=1&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
H2
Server
184.24.254.89 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 16 Oct 2023 00:57:15 GMT
content-length
62
content-type
image/gif

Redirect headers

Location
https://stags.bluekai.com/site/6123?id=LNS6QZEW-1Z-4NR7&limit=1&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://s.company-target.com/s/rp?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=63577354-6412-40c4-b875-097ee147e9da
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=63577354-6412-40c4-b875-097ee147e9da
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.rubiconproject.com
location
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=63577354-6412-40c4-b875-097ee147e9da
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://rcp.c.appier.net/rbcm?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=tdCGvqsDCF61Ojt1aoosZQ&expires=365
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=tdCGvqsDCF61Ojt1aoosZQ&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 16 Oct 2023 00:57:14 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=tdCGvqsDCF61Ojt1aoosZQ&expires=365
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
131
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=rubicon&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZSyKasCo5sMAACDtMs8AAAAA
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZSyKasCo5sMAACDtMs8AAAAA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 16 Oct 2023 00:57:14 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=rubicon&gdpr=0","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.168","key":"ZSyKasCo5sMAACDtMs8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad160"}
X-SO-Key
ZSyKasCo5sMAACDtMs8AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad160
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZSyKasCo5sMAACDtMs8AAAAA
Cache-Control
private
X-SO-HostName
m-ad160.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
14
Content-Length
0
X-SO-LB-Hostname
a-tgng40005.dc2p.scaleout.jp
X-SO-IP
66.203.112.168
tap.php
pixel.rubiconproject.com/ Frame 1144
Redirect Chain
  • https://um4.eqads.com/um/rc?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=4aadc648-9b84-498e-b8ac-851dbb5a2e78&expires=30
0
0
demconf.jpg
dpm.demdex.net/ Frame 1144
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&gdpr=0
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LNS6QZEW-1Z-4NR7?gdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=481&dpuuid=LNS6QZEW-1Z-4NR7
42 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=481&dpuuid=LNS6QZEW-1Z-4NR7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.104.241.36 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS
dcs-prod-apse2-2-v051-0ec6d50d1.edge-apse2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qrcL8eoEQdc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse2-1-v051-0c550a2ba.edge-apse2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GM58NSwXRCc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=481&dpuuid=LNS6QZEW-1Z-4NR7
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usync.js
eus.rubiconproject.com/ Frame 5704 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.61.234 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-61-234.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Mon, 16 Oct 2023 00:57:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Oct 2023 23:48:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82254
Connection
keep-alive
Content-Length
10838
Expires
Mon, 16 Oct 2023 23:48:08 GMT
khaos.json
token.rubiconproject.com/ Frame 5704 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LNS6QZEW-1Z-4NR7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
match
events-ssc.33across.com/ Frame 91BE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&gdpr_consent=undefined&gdpr=0&khaos=LNS6QZEW-1Z-4NR7
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LNS6QZEW-1Z-4NR7&gdpr=0&gdpr_consent=undefined
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNS6QZEW-1Z-4NR7&ts=1697417835&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame FBE5 		68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=be76407e-39e6-4c54-a8f5-64d4f0d2d448
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
/
apsoutheast-match.deepintent.com/usersync/108/ Frame FBE5 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsoutheast-match.deepintent.com/usersync/108/
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:13 GMT
content-length
0
server
b
sd
us-u.openx.net/w/1.0/ Frame FBE5
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=5031ad7e0be2214&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALxzbDEiApAAMZWFv3AAAAAAA&expiration=1697504235&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALxzbDEiApAAMZWFv3AAAAAAA&expiration=1697504235&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAALxzbDEiApAAMZWFv3AAAAAAA&expiration=1697504235&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame FBE5 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&gdpr=0&uid=e6d9cf99-3f07-46f2-97e5-aa0e6d25b27e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sd
us-u.openx.net/w/1.0/ Frame FBE5
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=8DA2511EED2D4652A27AF3DF5C0B52B8
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8DA2511EED2D4652A27AF3DF5C0B52B8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 16 Oct 2023 00:57:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8DA2511EED2D4652A27AF3DF5C0B52B8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 15 Oct 2023 00:57:14 GMT
redirect
match.rundsp.com/ Frame FBE5 		0
0
iu3
s.amazon-adsystem.com/ Frame FBE5
Redirect Chain
  • https://s.amazon-adsystem.com/x/19cb1bfc173dcb98ccec
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=ox&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=ox&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EKYWE7XBYGNJQDNGKVXE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=ox&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FBE5
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=hpLXghb21QSbV05
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=hpLXghb21QSbV05
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-015e06b625cd64536@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=hpLXghb21QSbV05
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FBE5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZSyKaQAU38MioQBV
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZSyKaQAU38MioQBV
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-bfi-krnt7300061-BFI
pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697417834.302307,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZSyKaQAU38MioQBV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6
tr.blismedia.com/v1/dpusync/ Frame FBE5
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=652C8A6970452A46677FFD51BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D652C8A6970452A46677F...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=652C8A6970452A46677FFD51BLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LNS6QZEW-1Z-4NR7
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LNS6QZEW-1Z-4NR7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LNS6QZEW-1Z-4NR7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
sd
jp-u.openx.net/w/1.0/ Frame FBE5
Redirect Chain
  • https://bk.r-ad.ne.jp/3/cs
  • https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56s0vE00pBDHN0066tgk
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537097918&val=56s0vE00pBDHN0066tgk
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//jp-u.openx.net/w/1.0/sd?id=537097918&val=56s0vE00pBDHN0066tgk
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
211.json
id5-sync.com/g/v2/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/211.json
Requested by
Host: cdn-header-bidding.snack-media.com
URL: https://cdn-header-bidding.snack-media.com/assets/js/prebid-8.6.0-std_v3.js?v=20220523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a59ef267e9431c4b2ee6a5f80e0224eb1b9c6072226521be86d2d5b74501424a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.betootaadvocate.com
date
Mon, 16 Oct 2023 00:57:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
cms-2-rubicon.min.js
cti.w55c.net/ct/ Frame 2C95 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cti.w55c.net/ct/cms-2-rubicon.min.js
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-89.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 16:45:53 GMT
x-amz-version-id
4wUy6FG8mI1tQq9b3POfj8uoA5V85xC6
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 7a7cbcc9a496cf341e54c90ad14e02d4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
202282
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"d7ff0f4ef590b94bd79fc9b61a13ef4e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
cPzJtz_feZjNezu8lTCwumxyBa6fsnQIKYSo_vJdX7J4u4LNIbgeOA==
pingmatch.gif
pm.w55c.net/ Frame 2C95
Redirect Chain
  • https://pm.w55c.net/pingmatch.gif
  • https://pm.w55c.net/pingmatch.gif?scc=1
42 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pm.w55c.net/pingmatch.gif?scc=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
Protocol
HTTP/1.1
Server
18.136.94.236 -, , ASN (),
Reverse DNS
Software
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-09cd11671e3b647cd@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-09cd11671e3b647cd@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-09cd11671e3b647cd@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://pm.w55c.net/pingmatch.gif?scc=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 65B4 		95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=6226166435111640801
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1697417832589&pubconsent=&euconsent=&hasConsent=1&rd=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
date
Mon, 16 Oct 2023 00:57:07 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame 5704
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LNS6QZEW-1Z-4NR7
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LNS6QZEW-1Z-4NR7&gdpr=0
95 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LNS6QZEW-1Z-4NR7&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=8067-1308-01&pc=GB&cmp=true
Protocol
H2
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/png
date
Mon, 16 Oct 2023 00:57:08 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LNS6QZEW-1Z-4NR7&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
match-result
tags.w55c.net/ Frame 2C95
Redirect Chain
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dGhocUFhUjExUVNiVjA1&google_cm
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESELC-6GrtykN8t64BXdzRskk&google_cver=1
42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESELC-6GrtykN8t64BXdzRskk&google_cver=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
Protocol
HTTP/1.1
Server
13.228.194.70 -, , ASN (),
Reverse DNS
Software
Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-03fd7d1aa7a80ccdf@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Oct 2023 00:57:14 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-790-g2a3fdc2#rel-ec2-master i-03fd7d1aa7a80ccdf@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESELC-6GrtykN8t64BXdzRskk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2964
tags.bluekai.com/site/ Frame 2C95 		62 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2964?id=thhqAaR11QSbV05
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c-rubicon.html?gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.254.89 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 16 Oct 2023 00:57:15 GMT
content-length
62
content-type
image/gif
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4ZLLC2NYSG&gtm=45je3ab0&_p=896130630&cid=65793330.1697417828&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1697417827&sct=1&seg=0&dl=https%3A%2F%2Fwww.betootaadvocate.com%2F&dt=The%20Betoota%20Advocate%20-%20Australia%27s%20Oldest%20And%20Favourite%20Newspaper&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZLLC2NYSG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.betootaadvocate.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 16 Oct 2023 00:57:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.betootaadvocate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AD33 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:57:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame AD33 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E363 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13244
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/10/4/6.gif?puid=6226166435111640801&gdpr=0&gdpr_consent=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=249286
Domain
cs.nex8.net
URL
https://cs.nex8.net/cs/openx
Domain
c3.a-mo.net
URL
https://c3.a-mo.net/b?uid=304ba9dd-8088-449f-a309-2668b930a50a&sh=id.a-mx.com&
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=81x1iVRkR567ZWN9umV_vg&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UBV5rjIrQS20FnhK_XWURg&rk=usync-other&gdpr=0
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-6d4b7bf1-520e-43cf-a3c2-bf13bb54a30e-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-6d4b7bf1-520e-43cf-a3c2-bf13bb54a30e-004%26expires%3D30
Domain
i.liadm.com
URL
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNS6QZEW-1Z-4NR7&gdpr=0&_li_chk=true&previous_uuid=180c32eafa39415eacf52037bed0a08e
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=1e0db7e7-cd9a-4325-9a13-ebe3f8d0cf7a-652c8a6a-5553&expires=360&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/rubicon/LNS6QZEW-1Z-4NR7?gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMOZx9wIonbAMwNdZ1AAAAAAA&expiration=1697504235&nuid=LPaBMmseKODxgcSAfv73GIXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=840801861850&expires=30&us_privacy=1---
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=VCys-l-RAZ9kUgc8b9US&gdpr=0
Domain
match.sync.ad.cpe.dotomi.com
URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNS6QZEW-1Z-4NR7&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=123034&nid=3956&put=09af220400e5db26fc5a9bbe&expires=1&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=ebc6c393-0304-4072-8c5a-fa3930f64547&expires=30
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=rubicon&inventory_source=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=4aadc648-9b84-498e-b8ac-851dbb5a2e78&expires=30
Domain
match.rundsp.com
URL
https://match.rundsp.com/redirect?ex=openx
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91507580&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85585607&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

475 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| _wpemojiSettings object| Give_Recurring_Vars undefined| $ function| jQuery object| webpackChunkgive_recurring object| _mmunch object| tdb_global_vars object| tdb_p_autoload_vars object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| td_user_incorrect string| td_email_user_empty string| td_pass_empty string| td_pass_pattern_incorrect string| td_retype_pass_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| tdThemeNameWl string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdsDateFormat object| tdDateNamesI18n string| tdb_modal_confirm string| tdb_modal_cancel string| tdb_modal_confirm_alt string| tdb_modal_cancel_alt string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer function| cnxps object| block_tdi_13 object| block_tdi_28 object| block_tdi_29 object| block_tdi_32 object| block_tdi_52 object| block_tdi_54 object| block_tdi_57 string| sbiajaxurl object| postIdsNoAds object| give_stripe_vars object| webpackChunkStripeJSouter function| noop function| Stripe object| give_global_vars object| giveApiSettings object| GiveDonationSummaryData object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| webpackChunkgive function| iFrameResize function| give_open_form_modal function| give_fl_trigger function| give_change_html5_form_field_validation_message function| update_profile_state_field function| addDynamicEventListener object| Give object| iFrameResizer object| GiveDonationSummary function| _ object| sb_instagram_js_options object| tdbAutoload object| $jscomp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdHeader object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdPopupModal object| tdReadingProgressBar object| tdTabbedContent object| tdListMenu object| tdConfirm function| removeAds undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdbLocationFinder object| tdbLocationDisplay object| tdbFormTaxonomies object| tdbFormFileUpload object| tdbFormGallery object| tdbPostsList object| tdbModal object| tdbFilters object| tdbFiltersLoop object| tdbFiltersList object| tdbFiltersDropdown object| tdbReviewsList object| tdbCustomForms object| tdbTOC object| tdbFavourites boolean| sbi_js_exists function| Hammer function| $f function| onYouTubeIframeAPIReady object| addComment object| tdcPostSettings function| tdbGetMobileTemplates function| sbi_init object| td_res_context_registered_atts function| ShopifyBuy object| give_float_labels function| date object| sbi object| twemoji function| _classCallCheck function| mailmunchGetMethodChain function| mailmunchGetOrCreateMethodChain function| MailMunchBaseForm function| _createClass object| _mailmunchInstances function| MailmunchMethodChain function| MailmunchUrlChangeTracker object| MailMunchDeviceDetect object| MailMunchAjax object| MailMunchHelpers object| mailmunch object| MailMunchWidgets function| __tcfapi function| __uspapi object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| WebFont function| _mJquery object| jQuery111304977403723134095 object| _qevents number| tcf_loops number| tcf_maxLoops number| tcf_loopDuration number| tcf_cmpIsReady function| snack_consent string| sn_gg_dt_unit string| sn_gg_mob_unit function| getQueryParams object| query undefined| snack_debug_mode function| snack_debug function| deleteCookie function| setCookie function| getCookie function| snack_adds_init function| snack_add_tag function| snack_display_tag function| snack_setup_ads function| aps_setup_ads function| snack_enqueue_script boolean| pbSnackMobile boolean| pbSnackTablet boolean| pbSnackDevice object| snack_head_scripts object| snack_body_scripts string| snack_base_url object| me_script string| me_script_src object| filled_slots number| max_refresh number| times_refreshed object| snack_tags_present object| snack_tags_lazyload object| snack_tags_not_present object| AD_UNITS_TOGGLE_OFF number| PREBID_TIMEOUT object| googletag object| pbjs undefined| tcf_debug_mode object| gpt_script function| snack_load_gpt object| snack_data undefined| ref_source function| no_pubcid number| requires_schain string| schain_sid object| sloader object| schain_obj object| snack_tags object| snack_site_config object| adUnits object| nano_kw string| nano_kw_str object| bid function| start_snack_ads function| snack_start_pb object| ads_already_loaded function| lazyload_inview object| times_refreshed_arr function| refresh_init function| refresh_loop object| slots object| test_slots function| refreshBid function| killSlot object| isMobile object| sublime number| u number| b object| gaGlobal object| F3LNbt function| F3LNbC object| xop object| -f0e9okibls0 object| fqrdj61f0u8 function| __tcfapiui object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| invibes object| edktInitializor object| ny9B1q function| ny9B1Q object| xblacklist object| Poq5Eo2 function| Poq5Eo3 function| xblocker object| gaplugins object| gaData number| sbiWindowWidth number| sbi_photo_width_manual object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across function| quantserve function| __qc object| ezt object| _qoptions object| sas object| apntag object| _ADAGIO object| pbstck object| pbstckQ object| Pubstack object| pbstckrefresh function| MailMunchEmbedded function| MailMunchSidebar function| MailMunchPopover number| google_unique_id object| __uid2SecureSignalProvider object| __uid2 boolean| DFPMessageEnabled object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| criteo_syncframe_state object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

189 Cookies

Domain/Path Name / Value
cdn.edkt.io/check Name: 3pc
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQoNPyr7MxCgoI4gEQoNPyr7MxCgoItAIQoNPyr7MxCgoI5gEQoNPyr7MxCgoIhwIQoNPyr7MxCgoItwIQoNPyr7MxCgkIOhCg0_KvszEKCgiMAhCg0_KvszEKCQhfEKDT8q-zMQoJCB8QoNPyr7Mx
www.betootaadvocate.com/ Name: _y
Value: 35fc96b2-F0E4-49B7-0C3E-624002FC6352
www.betootaadvocate.com/ Name: _shopify_y
Value: 35fc96b2-F0E4-49B7-0C3E-624002FC6352
www.betootaadvocate.com/ Name: _s
Value: 35fc96b7-449A-4172-1318-19E44827C642
www.betootaadvocate.com/ Name: _shopify_s
Value: 35fc96b7-449A-4172-1318-19E44827C642
www.betootaadvocate.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.betootaadvocate.com/ Name: sharedid
Value: d7486357-ffae-4fa2-a1d4-5075871fa2b4
.betootaadvocate.com/ Name: _ga
Value: GA1.2.65793330.1697417828
.betootaadvocate.com/ Name: _gid
Value: GA1.2.1733822277.1697417828
.betootaadvocate.com/ Name: _gat_gtag_UA_56468053_1
Value: 1
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: a_17a068b9-2506-452e-8528-92c1030417e1
.seedtag.com/ Name: st_uid
Value: b1dd8f41-5e4e-449c-8c82-6c81bdbeda20
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPUF1c3RyYWxpYSZjb3VudHJ5X2lzbzI9QVUmY291bnRyeV9pc28zPUFVUyZyZWdpb25fbmFtZT1OZXcgU291dGggV2FsZXMmcmVnaW9uX2lzbzI9TlNXJmNpdHlfbmFtZT1OZXcgU291dGggV2FsZXMmbG9uZ2l0dWRlPTE0NiZsYXRpdHVkZT0tMzMmemlwPU4vQQ==
m.stripe.com/ Name: m
Value: c193361e-0a64-4086-808d-0a9cc1e14a88ebccb1
.www.betootaadvocate.com/ Name: __stripe_mid
Value: f2270d91-315d-423b-b511-8d2c2d0e09f84e509f
.www.betootaadvocate.com/ Name: __stripe_sid
Value: 849ff079-3bce-41b8-87ef-0f6e43ce65867047f4
.betootaadvocate.com/ Name: lotame_domain_check
Value: betootaadvocate.com
.justpremium.com/ Name: jpxumaster
Value: r-481bc2f5-9c20-4b1f-9152-5d81601aad0a-11711-971032666
.justpremium.com/ Name: jpxsession
Value: r-9f39df61-82bf-4161-b08a-f72f494d2a69-11711-971072435
.justpremium.com/ Name: jpxuuid
Value: r-06c8ed54-c5c7-4433-8036-745b810eca9e-11711-971088038
.justpremium.com/ Name: 158203_527041
Value: 0_0_0
.justpremium.com/ Name: 158203_527042
Value: 0_0_0
.justpremium.com/ Name: 158203_527043
Value: 0_0_0
.justpremium.com/ Name: 158203_527045
Value: 0_0_0
.justpremium.com/ Name: 158203_527046
Value: 0_0_0
.script.ac/ Name: __cf_bm
Value: qYiEkfdL2_vIJfHDz5G4pHiAdcQZZGv5FDfPDWqccb0-1697417828-0-AWaNa40zjzRdEDSpl/Ih1gct/G+gY5H6FgBWIaOmrccxr9+Gpyq0e7NVRlv+9rSqbKZzi9dYPr4S4YhiUICZxyk=
.openx.net/ Name: i
Value: 1bb17349-4eea-434c-9e14-a3ec9ea175ea|1697417828
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 55bb13198f31554d753d501c4aab30d4
.betootaadvocate.com/ Name: _cc_id
Value: 55bb13198f31554d753d501c4aab30d4
.betootaadvocate.com/ Name: panoramaId
Value: 351587717c29b6dc865ee8a312bf16d53938791fcc5e2d25fe1811ff60ab7f89
.betootaadvocate.com/ Name: panoramaIdType
Value: panoIndiv
.prebid.a-mo.net/ Name: __amc
Value: 1_1697417828_1697417828
.a-mo.net/ Name: amuid2
Value: 9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
.prebid.a-mo.net/ Name: sd_amuid2
Value: 9fca930e-67e1-4e75-a94f-d2e4ac7b5f4b
.quantserve.com/ Name: mc
Value: 652c8a65-0e14e-d9428-8ffe1
.adsrvr.org/ Name: TDID
Value: b8d71d56-3008-45a7-be15-ac3dbb11b4d9
.betootaadvocate.com/ Name: __qca
Value: P0-1263578705-1697417828597
.ladsp.com/ Name: cr
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|b8d71d56-3008-45a7-be15-ac3dbb11b4d9|1697417829189589
.doubleclick.net/ Name: IDE
Value: AHWqTUkNmA3IywxIdulZk4AGAJGQE5ghRp5auVOww7Fw25RCrEgvMQGIjWSAi0pCowQ
.ladsp.com/ Name: smn_uid
Value: 0joogB6VA0Bo0XLSfv6wPw-yJifNVdE
.ladsp.com/ Name: lum
Value: CJC38q-zMRIFCAMQ0AU
.rubiconproject.com/ Name: khaos
Value: LNS6QZEW-1Z-4NR7
.betootaadvocate.com/ Name: __gads
Value: ID=4ca147eada05c245:T=1697417829:RT=1697417829:S=ALNI_MZN3Q7iBRk6oPmfw4L4RWDQ_u1Bqw
.betootaadvocate.com/ Name: __gpi
Value: UID=00000c633235e141:T=1697417829:RT=1697417829:S=ALNI_MZqE87kzyNpg0vN5K7wVlU8NkzOBQ
.betootaadvocate.com/ Name: _ga_4ZLLC2NYSG
Value: GS1.1.1697417827.1.0.1697417830.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 3415b3bb-e415-40cd-af3f-c60ad2f4b03a
www.betootaadvocate.com/ Name: _lr_retry_request
Value: true
www.betootaadvocate.com/ Name: _lr_env_src_ats
Value: false
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDVNSjI0NrS0SDM2NDU1STE3NU4xNTBMNklMTDI2SDFhAIJUna4MEA0FAD4YCfM%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI1enKAFJQAAASxAGE"
.betootaadvocate.com/ Name: panoramaId_expiry
Value: 1698022632561
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: ZSyKaFaZJ5uzO69AjJMJsgAA
.casalemedia.com/ Name: CMPS
Value: 4689
.casalemedia.com/ Name: CMPRO
Value: 4689
.3lift.com/ Name: tluid
Value: 2893645343607101944219
.sharethrough.com/ Name: stx_user_id
Value: 373ae8a6-baf2-488c-964f-e3b797688c13
.360yield.com/ Name: tuuid
Value: fde05a54-b1ff-4f44-b17c-d6ff99e61875
.360yield.com/ Name: tuuid_lu
Value: 1697417832
.justpremium.com/ Name: jpxumatched
Value: gg
.contextweb.com/ Name: V
Value: 7umE1zY5M5Mb
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nfv|8o4.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 76f84a29e27fa247
.lijit.com/ Name: ljt_reader
Value: Hfi5BLZH3VP7iV2ZSI6qy0Rc
.omnitagjs.com/ Name: ayl_visitor
Value: b4550e330d15234e4f8764af61e3bc1b
.33across.com/ Name: 33x_ps
Value: u%3D212308014644721%3As1%3D1697417833060%3Ats%3D1697417833060
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBGmKLGUCEBfFcyet5iNsVvNs1yE-TDYFEgEBAQHbLWU2ZQAAAAAA_eMAAA&S=AQAAAnIyySyIbyqzKjma67GVQek
.bidswitch.net/ Name: c
Value: 1697417833
.bidswitch.net/ Name: tuuid_lu
Value: 1697417833
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZSyKaQAU38MioQBV
.bing.com/ Name: MUID
Value: 003D7D97EB856A030E096E3BEA156BC2
.c.bing.com/ Name: MR
Value: 0
.adform.net/ Name: uid
Value: 6226166435111640801
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw889CX%2FfHjSc6CyeAxKqjInArLhR0AqAnG5isocEBDm6JI6s2%2BeMv5PwGSJ0Cb8OfiAETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u68pNfA0iP0FWYki%2BWfOL4aA%3D%3D
.linkedin.com/ Name: li_sugr
Value: 2dfd026d-a85c-4d7c-8dd2-9eefb5968ff7
.linkedin.com/ Name: bcookie
Value: "v=2&16b06393-748c-483a-889e-ad6d7847a40c"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2870:u=1:x=1:i=1697417833:t=1697504233:v=2:sig=AQGZPFjSSXdYY1QTKxkXfhuceyuYAflV"
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiOWZjYTkzMGUtNjdlMS00ZTc1LWE5NGYtZDJlNGFjN2I1ZjRiIiwiZXhwaXJlcyI6IjIwMjMtMTAtMzBUMDA6NTc6MTAuNjEwMTE4NDAyWiJ9fX0=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f.ivsoAezQsI806Gvu4p8D0FDjH6b%2FiDjvWpYXJVhAEqo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b5741e3a-2fb1-50ea-7fd0-adaa454b4b1f.ivsoAezQsI806Gvu4p8D0FDjH6b%2FiDjvWpYXJVhAEqo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtXQeOi-xUOp_0K2qRUtLH0LLcKg.lnNPVxEYSQ%2FzsFgID4QRI3qUt7ttkfRvuUkRV0sKmZk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtXQeOi-xUOp_0K2qRUtLH0LLcKg.lnNPVxEYSQ%2FzsFgID4QRI3qUt7ttkfRvuUkRV0sKmZk
.onetag-sys.com/ Name: OTP
Value: hKba0zo_j0hDDB2qgw3VVkrtUvdci2t73tcLBALWDAg
.smartadserver.com/ Name: pid
Value: 3002630251532073220
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2E>9oheB#!]tbP6j2F-.o%/6/guKFUatC]ImbH<9+v+YL+iVD<_OB$HTIy!VZs!`[d%`-L)5r4<[ur71D]EH<QGn8@'s>Tw8FPK
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiOWZjYTkzMGUtNjdlMS00ZTc1LWE5NGYtZDJlNGFjN2I1ZjRiIiwiZXhwaXJlcyI6IjIwMjQtMDEtMTRUMDA6NTc6MTNaIn19LCJiaXJ0aGRheSI6IjIwMjMtMTAtMTZUMDA6NTc6MTNaIn0=
.adnxs.com/ Name: uuid2
Value: 5075661259466851363
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 9E45E727-AF28-4517-B26A-2859989D7BB5
.pubmatic.com/ Name: DPSync3
Value: 1698624000%3A201_245_226%7C1697500800%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1698624000%3A220_196_176_13_96_3_21_233_107_179_8_22_56_264_214_209_238_71_54_247_165_231_254_204_234%7C1698019200%3A15_2_223%7C1698710400%3A35%7C1698278400%3A63
.ipredictive.com/ Name: cu
Value: 9b82c21a-74a1-4391-92a0-9f9bc7e04753|1697417833538
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3Aa0BoxKWi9bW6szCGKZEsJ9OKEmjznple.%2F8dYeb0pt6hLIYTS4dgQzwPY3o3Z%2BIj3BgCLqL9f%2FVk
.bidswitch.net/ Name: tuuid
Value: fafbc36c-fc76-42d0-9db7-6e7009269545
.tynt.com/ Name: uid
Value: uNE6HWUsimnfxCwlLQ/oGw==
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: 2a42fc2648946ae13c8b7b03ac4f4
.richaudience.com/ Name: pdid
Value: 7df2bf99-4cce-4b35-8f6d-1zz1697417826
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIADsEBf4mdR8ZwI29eEMkVf56ZMwfS4zDcX21gXHv9X0EHwYBCDplLKpBjABOgTwLrJgQgSNM2Y_.SqYWmLfyXUXSDXHEJnCZz%2FHBSoq956LxwPA6l8lfSIU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIADsEBf4mdR8ZwI29eEMkVf56ZMwfS4zDcX21gXHv9X0EHwYBCDplLKpBjABOgTwLrJgQgSNM2Y_.SqYWmLfyXUXSDXHEJnCZz%2FHBSoq956LxwPA6l8lfSIU
.ctnsnet.com/ Name: cid_67353db210bd4cbbacad50ba25c7524c
Value: 1
.ctnsnet.com/ Name: cid_34364c3e5d3a469b9a3beaaf7193141e
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1697417833731
.tapad.com/ Name: TapAd_DID
Value: 6e2316d0-c22f-4adf-a705-4cae62777e14
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.clientgear.com/ Name: mkuuid
Value: mk58226aef9f604bae87d2b1ab7a1cbac9
.rlcdn.com/ Name: pxrc
Value: COmUsqkGEgYIkLwrEAA=
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: be258935-74d9-5421-bf81-3ac2daadb0ab
.betweendigital.com/ Name: ss
Value: 1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1697417833804%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1697417833804%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1697417833804%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1697417833804%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1697417833804%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1697417833804%7D%5D
.bidr.io/ Name: bitoIsSecure
Value: ok
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 11ywn99vl3i9
.blismedia.com/ Name: b
Value: 652C8A6970452A46677FFD51BLIS
.csync.loopme.me/ Name: viewer_token
Value: 6b5f3668-9262-4254-b280-37b4878ee5b6
.id5-sync.com/ Name: 3pi
Value: 264#1697417833801#-1362960318#b8d71d56-3008-45a7-be15-ac3dbb11b4d9|441#1697417833497#52521108#a_17a068b9-2506-452e-8528-92c1030417e1
.simpli.fi/ Name: suid
Value: 8DA2511EED2D4652A27AF3DF5C0B52B8
.creativecdn.com/ Name: ts
Value: 1697417833
.creativecdn.com/ Name: u
Value: b20ExNmGsBp9gNoCufSc
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-67353db210bd4cbbacad50ba25c7524c&KRTB&23328-67353db210bd4cbbacad50ba25c7524c&KRTB&23427-67353db210bd4cbbacad50ba25c7524c&KRTB&23445-67353db210bd4cbbacad50ba25c7524c
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b8d71d56-3008-45a7-be15-ac3dbb11b4d9&KRTB&22918-b8d71d56-3008-45a7-be15-ac3dbb11b4d9&KRTB&22926-b8d71d56-3008-45a7-be15-ac3dbb11b4d9&KRTB&23031-b8d71d56-3008-45a7-be15-ac3dbb11b4d9
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6226166435111640801&KRTB&23263-6226166435111640801&KRTB&23481-6226166435111640801
.betweendigital.com/ Name: ut
Value: ZSyKaQAN_ghsztmKtniiFrxsD_ND7BvmK-V8Aw==
.a-mx.com/ Name: amdt_t
Value: g::1697417833790
.a-mx.com/ Name: amuid2
Value: 304ba9dd-8088-449f-a309-2668b930a50a
.bidr.io/ Name: bito
Value: AAH_G07KWRUAABjUly_Eag
.quantserve.com/ Name: d
Value: ENoBDgGZKvijDCA
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-11ywn99vl3i9
.richaudience.com/ Name: cmpsync
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5075661259466851363&KRTB&23339-5075661259466851363
.pubmatic.com/ Name: PugT
Value: 1697417834
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-tXQeOi-xUOp_0K2qRUtLH0LLcKg&KRTB&23334-tXQeOi-xUOp_0K2qRUtLH0LLcKg&KRTB&23417-tXQeOi-xUOp_0K2qRUtLH0LLcKg&KRTB&23426-tXQeOi-xUOp_0K2qRUtLH0LLcKg
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCLrE09qb-6Y8EAUSFwoIcHVibWF0aWMSCwiKluXhm_umPBAFEhQKBXRhcGFkEgsIrJ-_5Jv7pjwQBRgBIAEoAjILCPagyJKy-6Y8EAU4AVoHaWQwbGg4NGAC
.smartadserver.com/ Name: csync
Value: 75:b8d71d56-3008-45a7-be15-ac3dbb11b4d9|76:CAESEBi5uYgTo2tfEyf77gUW3wE
.adotmob.com/ Name: uid
Value: 09af220400e5db26fc5a9bbe
.adotmob.com/ Name: uuid
Value: 09af220400e5db26fc5a9bbe
.adotmob.com/ Name: partners
Value: AYL%3A1697417833956
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6936
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.betootaadvocate.com/ Name: cto_bundle
Value: KtwmVV9NTCUyRjhvb0xHQndTNzdqUE9zWW9lJTJGZ2QlMkJqU0VIMk02dnBkR1V2clR4ODNsVWJEanhhMmZVZWhoY1hCRWkyaFVZUnRvUnVLYUlmTnhCNDhuSUoxOE5qJTJGdHFKNG0yaWhSbDZ1Z01vWVdqZXZaQUNFbVNVbnA5VzY5OExqRkQwaGhhMzZSS0kyMWQ0cWthR0Y1RFNuSWdwc1M2ak43U1lqZ0xsa1Q5cFBzZTNQTSUzRA
.betootaadvocate.com/ Name: cto_bidid
Value: edLtdl9FQ3E0SEJhbnZFckVUSnZ0WWElMkY1NjlIV2ZkdDBBaUFNdDZoTXVqRiUyQmtNWVRzSHFKeGg5WURua2NqMWtwU3lOVkVFOXN5VEhpRFBwUUNKbG93cnFOayUyQlJUWGVrZzFJc0Z6ckRYaiUyQkpkNjd3WDhDbUZqY1NzNkxXYjdBT3pPZ1lH
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd984cSmDr2HtTO9bfyzERtERrypoclGnmoxAJalzoQs0p9ECMBcvWv9xHr-GB4srMC4Q2
.rlcdn.com/ Name: rlas3
Value: BoBgY+uI/+BS/0fF1YfQz6wCrH5WIwqUUPRKWLdP1jo=
.brand-display.com/ Name: _knxq_
Value: 3b404e16-eb90-c4fb-ceb78677.1697417834.0.1697417834.1697417834
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjk3NDE3ODI5LCJydWJpY29uIjoxNjk3NDE3ODM0fQ
.postrelease.com/ Name: visitor
Value: 574ddaf9-ee0c-4886-baae-c3a5fda8fb00
.postrelease.com/ Name: status
Value: 1
.adx.opera.com/ Name: UID
Value: OPUd54849fa7aa14078b94be5fe5d2e7668
.zemanta.com/ Name: zuid
Value: VCys-l-RAZ9kUgc8b9US
.openx.net/ Name: pd
Value: v2|1697417829.3.2|lYvOjEiuhI.iauIjIvGlQlU.vysnkSrApMvAkqvHsPtd
.admixer.net/ Name: am-uid
Value: 68e8858b45a741eda0255d861458facf
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjlmY2E5MzBlLTY3ZTEtNGU3NS1hOTRmLWQyZTRhYzdiNWY0YiIsImV4cGlyZXMiOiIyMDIzLTEwLTMwVDAwOjU3OjE0LjEzNDA0MjQyWiJ9LCJydWJpY29uIjp7InVpZCI6IkxOUzZRWkVXLTFaLTROUjciLCJleHBpcmVzIjoiMjAyMy0xMC0zMFQwMDo1NzoxNC4xMzM3NTI3MzVaIn19fQ==
.id5-sync.com/ Name: id5
Value: c6993688-0568-7070-a3ba-33bf9aa33152#1697417833215#3
.richaudience.com/ Name: avcid-ttd-uid
Value: b8d71d56-3008-45a7-be15-ac3dbb11b4d9
.c.appier.net/ Name: _auid
Value: tdCGvqsDCF61Ojt1aoosZQ
.pubmatic.com/ Name: SPugT
Value: 1697417834
.company-target.com/ Name: tuuid
Value: 63577354-6412-40c4-b875-097ee147e9da
.company-target.com/ Name: tuuid_lu
Value: 1697417834|rp:0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: "192z~2ei0:196y~2ei0:18z8~2ei0:18vk~2ei0:19e0~2ei0"
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fvisitor-us-west-2.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D^0^0
.pubmatic.com/ Name: pi
Value: 159706:3
.seedtag.com/ Name: st_cs
Value: qbIiTfhglkYwjBIwoCIBqPq1WOeyX+eDRg+U3Egwpu0gBCN8IoeG25lM7a0wV35xA1EVcaRozZWVJoyqKOEZevMDn4yqlgChDWWwVcg/clXtKuzXg88zYSFAQHRDPuqiVkPf3b8255JPoFWwhEViOoGtYhHyvbLluUGKg1PYtQJMHM5uzGOambaxQ4tcLLVnPpFbByEFGdHRwBaMiuOxg1ONtluIF3k4b9Vev7JJvJpP3OiK2C2V1zOKRP2J75xrb5xbjhBFpkxEFp0NZ6pikmVcgx7deNDYMqPmvIKLlv0yawrOWppGOpe179Wjc8/ZH5QgqEd27ha9fnR/A2u8d3o5GJxtauk6qc35QUY6aa8vFjHHA6wgRn6vURnP/W4reLaIh8jemdV4Ew/h6e10Ab6RlNI8DgbHyBaKRFl/2ZF4lsgCabfy9Ldhe7W0YI9R/yoMOS7AYTVQkpslj24HgHyfFdlduZdHM+OD/YdFdBdq3z3OeTzaRzYphy6iDz+y+SPoxJdthE3IHpfRI9navA==
.seedtag.com/ Name: st_csd
Value: 1697417834342:1697417834342
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNDG2tLAwNzYyNBLiM9R1tEgLLzRNyjDITEwHAHVs08klAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzcxNjKwNDG2tLAwNzYyNBLiM9R1tEgLLzRNyjDITEwHAHVs08klAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFyGtoZmluYmhuYWxibG4BADe1jx0QAAAA
.mxptint.net/ Name: mxpim
Value: R4E330_10A9DAD81_5EB5A8BA.1.0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000652C8A6A
.amazon-adsystem.com/ Name: ad-id
Value: AzY3UHKAKE2dussNbakoAYk|t
.adfarm1.adition.com/ Name: UserID1
Value: 7290354084683184273
.tribalfusion.com/ Name: ANON_ID
Value: aDnsmArwZaybQXwrSPTrCKGjYiKptvKJYoXxPEv3WmCB97550JcAYshdKZdaZd6ZcgRS58GF8x9fKZdF3
.w55c.net/ Name: wfivefivec
Value: hpLXghb21QSbV05
.hb.yahoo.net/ Name: visitor-id
Value: 3404194342890404000V10
.hb.yahoo.net/ Name: data-mag
Value: LNS6QZEW-1Z-4NR7~~63
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLRKPTCG+YGg2svGr/qdDoV5rNwRqZCJ7gB3yyixoLQAHnnLd8S/067XvrScBDJPMYmIjECCV1W2uBxGCOXoSK13JVirmTB2nGyqVI1k5poNA==
.mathtag.com/ Name: uuid
Value: 6e96652c-8a6a-4e00-849f-8a5a8f6dd671

59 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security warning URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/valnet-snackmedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.betootaadvocate.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13244' from origin 'https://www.betootaadvocate.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13244
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?source=249286
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.nex8.net/cs/openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://omny.fm').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.stripe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://snackmedia-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://omny.fm').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js.stripe.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://google-bidout-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://snackmedia-d.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
network error URL: https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://match.rundsp.com/redirect?ex=openx
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://b1sync.zemanta.com/usersync/pubmatic/gdpr=0&gdpr_consent=&https:/simage2.pubmatic.com/AdServer/Pug%3Fvcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&s=2?gdpr=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.betootaadvocate.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
67483b11274e051c765a5367327c0ac5.safeframe.googlesyndication.com
a.mailmunch.co
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
analytics.mailmunch.co
ap.lijit.com
api-2-0.spot.im
api.edkt.io
api.rlcdn.com
apsoutheast-match.deepintent.com
assets.a-mo.net
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
betoota-advocate-shed.myshopify.com
betootaadvocate.com
bh.contextweb.com
bk.r-ad.ne.jp
boot.pbstck.com
bttrack.com
c.bing.com
c1.adform.net
c3.a-mo.net
cadmus.script.ac
cd.connatix.com
cdn-header-bidding.snack-media.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.edkt.io
cdn.jsdelivr.net
cdn.pbstck.com
cdn.prod.uidapi.com
cdn.shopify.com
ce.lijit.com
ced-ns.sascdn.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.nex8.net
cs.seedtag.com
csync.loopme.me
csync.smartadserver.com
csync.smilewanted.com
cti.w55c.net
de.tynt.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adfarm1.adition.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
g2.gumgum.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i.w55c.net
ib.adnxs.com
id.a-mx.net
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
intake.pbstck.com
inv-nets.admixer.net
ipac.ctnsnet.com
jadserve.postrelease.com
jp-u.openx.net
js-sec.indexww.com
js.stripe.com
lb.eu-1-id5-sync.com
live.primis.tech
m.stripe.com
m.stripe.network
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.rundsp.com
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
monorail-edge.shopifysvc.com
o479328.ingest.sentry.io
oa.openxcdn.net
oajs.openx.net
omny.fm
onetag-sys.com
openx2-match.dotomi.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.stripe.com
rbp.mxptint.net
rcp.c.appier.net
refresh.pbstck.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rubiconcm.digitaleast.mobi
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
s.tribalfusion.com
s2s.t13.io
script.4dex.io
sdks.shopifycdn.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snackmedia-d.openx.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tags.w55c.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.undertone.com
visitor-us-west-2.omnitagjs.com
visitor.omnitagjs.com
widgets.snack-projects.co.uk
www.betootaadvocate.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.omnycontent.com
x.bidswitch.net
api.rlcdn.com
beacon.lynx.cognitivlabs.com
c3.a-mo.net
cm-supply-web.gammaplatform.com
cs.nex8.net
i.liadm.com
id5-sync.com
image6.pubmatic.com
match.rundsp.com
match.sync.ad.cpe.dotomi.com
pixel.rubiconproject.com
s.amazon-adsystem.com
sync-dsp.ad-m.asia
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
103.180.114.1
103.229.10.171
103.229.206.240
103.43.90.53
104.16.112.121
104.18.23.145
104.18.25.173
104.18.25.18
104.18.27.193
104.18.35.167
104.18.41.104
104.19.158.19
104.20.106.62
104.22.69.131
104.26.9.169
104.68.31.231
104.74.52.98
104.74.54.193
104.99.59.16
119.9.108.211
13.107.21.200
13.107.42.14
13.113.16.177
13.224.181.51
13.224.181.56
13.224.181.60
13.224.181.82
13.227.254.114
13.228.126.19
13.228.194.70
13.250.207.233
13.251.207.23
13.33.92.130
13.35.147.111
13.35.147.22
13.35.147.51
13.35.147.78
13.35.147.83
13.35.147.89
13.35.147.97
131.153.159.157
131.153.206.103
134.122.57.34
139.162.23.100
142.250.66.161
142.250.66.193
142.250.67.14
142.250.71.68
142.251.175.155
142.251.221.74
151.101.130.49
151.101.65.229
162.19.138.118
162.19.138.82
162.55.233.28
169.197.150.8
172.217.167.72
172.217.24.33
172.217.24.34
172.217.24.35
172.217.24.42
172.67.21.25
172.67.23.234
172.67.25.151
18.136.50.83
18.136.94.236
18.138.18.111
18.139.186.142
18.142.217.112
18.143.217.97
18.177.11.95
182.161.73.129
182.161.73.136
182.161.73.146
184.24.254.89
185.146.173.20
185.184.8.90
185.84.60.20
195.5.165.20
198.8.71.131
203.195.121.142
207.65.33.79
207.65.33.82
207.65.33.83
209.191.163.152
209.54.182.161
211.120.53.206
220.150.223.50
23.106.127.164
23.106.127.39
23.106.127.52
23.106.127.53
23.108.103.8
23.204.64.209
23.206.242.194
23.219.61.234
23.219.61.36
23.227.38.74
23.227.60.200
23.32.5.111
23.48.97.24
3.104.241.36
3.220.57.224
34.102.146.192
34.102.253.54
34.107.140.113
34.111.113.62
34.117.239.71
34.120.107.143
34.120.111.33
34.120.195.249
34.120.57.242
34.142.175.23
34.149.50.64
34.160.19.107
34.95.81.168
34.96.105.8
34.96.71.22
35.186.193.173
35.190.60.146
35.213.12.39
35.214.206.1
35.227.252.103
35.244.159.8
35.75.124.203
37.157.3.26
38.133.127.159
38.99.107.14
43.206.55.56
44.240.147.169
45.137.176.88
47.252.78.131
50.116.239.135
51.79.152.76
52.195.78.103
52.204.242.176
52.207.39.196
52.223.2.229
52.223.40.198
52.25.216.204
52.38.203.118
52.39.217.56
52.76.54.83
52.95.126.138
54.144.115.246
54.157.228.38
54.178.112.79
54.179.129.164
54.187.119.242
54.204.93.234
64.202.112.255
64.38.119.44
67.199.150.77
67.199.150.85
67.199.150.86
67.202.105.21
67.202.105.31
69.173.144.165
69.173.151.100
69.173.158.64
69.173.158.65
69.173.158.92
74.214.196.131
82.145.213.8
85.114.159.93
89.207.22.73
98.98.134.243
99.84.203.101
009b1d256ae58a7c2b6d80c92be4faeb422e382c39479138995d37c7923e4c0f
00ee00f0f4f9549ecce8c62f0e21c14ed7214ea7cd45629532811e1ec1f24c6d
0113fa2d13f90be3c8bfa3eab75a2c17dc84e78665769d28128be5ae884ca2c7
03b91cc6b7b75f6aa9e1015ded5196298213496512857cbba8ac41a23ae06c13
04113df1ffb14d915c6e87aade072de6b5ae9783b26534c0d1f8190264fb6449
04c1992406ec9c6f2aac5a686c636ed33dd24e80edc607559710ec293b571da2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1e4cdf8bdc12d82290ec2d664510181e621c3383650633696330d1c1672fd8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be8c7cf20b0dd91443fc06b8871748edbcb4cffa96669921b8094361b0c797f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c7a2b95686c14f42fff7ea82f42957f1f42fb9ab76eb3d9d899a0dce4333285
0f607158c92d9c88b8a13efdb99e0a8332d1e478059892693621e5872ae6b81a
0fed184c46fcbc337ae224a99364cb9ff795b5c825f642f96565dc47b08e1b9d
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10c2c2c777394420e707d7a1c19ae1dcd1926f5bc867c8271c73a90425aca730
127606e67cf033badc3dbe1f6c3596917ce3f2d4512811a0e63d73037d875297
138feca8288a7af131c0964b2b77cd13d6b0770b9b7b781542902d7dc7ae303c
14a32594b479cf64cb7525d2b3a369076e0b8b048f96bfb0222799ddd8ec949c
14f475e4054dc033cccc4e0bf37234b8cf5981a00a357dc1a77a60ecab80f66f
14f9143eae1d071e0ae1e1d309264929ca1e1f86cf37b1d21bb60f6b4468340f
159043fcb16dd5c9a4b6a80581f7a91dc5987665ea5f7851da6c29fba0615a64
1852ef3555966311ab29f605ea10c4bb398df5b14769f7db8f97be90f2dc5858
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1d7f9289b9e9b768f4add47941d29f127d5e3343774de111f7e68a9af81e33f2
1e84ca05042121bc17e996460342d5f49f5afa5ca877e0055bdefff099aff425
1eb3fae0d7e995cb7915fa560bce32d166dfdb6f7db6aa210db1e745817ebacd
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
23eec7b30249ab99e76f351542d008faa6a26dc03a6abc484df23453f5a94fec
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c1e314bd40a5d53a2e657710b9a41778f2e105084dd41fb2305dc008d5bffd2
2c210dced3679813bf7aef99e23336e7c2b28dda407a42358cb0c45a1ed7d032
2d091fb725b5b5b4a9a247d260d9892afda2690843b92f8e713451a97e472e92
2d1c1f074f56ec8caa2fe0f67c0933719bb6fe52ca11b3f6751ae62059404827
2ec6448b7aa7fbcc0f2a6bd60da1d59b4c1ed2884bc21f22044f16e4582331af
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbf6d8d0202c8d7545af100b9865c2341c333220735bebbb8c243430300e46d
2fe62006eb24f633f53a11d09f19a42e22c7ce960ec2b3f471226fdb5bce3235
3166495759173f1ec421b49684ac35e715870639916515ca0772426bdb79268d
31c43209cf08c259d5905088dec284224a18adf88856d22565475ea555c6ce31
32be64f15c29dbe50ccb6eea5ccc2c8589b2b5f00bd1bf5f0d429c4f4f8c11e9
33678482c74c751f057c482878add31363cadc66690a2574ffb64ac7fd269fff
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
35466f839c13a4021cec4143cba267ba28880a05d5643a18916ad09f5654d0a9
36a4f2225ba4053652a4f745e9b28c84d37a84e92c5d363a758457d1bfa6da22
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374783ba32e3b6c017c3b6b5e62415acc413d049612f62be0130a1005dbf3a26
37c35c5deb2310a1020090096d759e8b8a98e5c4c19d147881d234aa0643ff24
38a94dca5d95c210a670a327db5f38030f7b42da54d7ee832a3dd77265b249a0
38b70ed8c520a70155b264115c991e54a9aeca37b6ffd988ec82641be6d9f440
3b4790db39169dba45a44fd79ec37da5557302627546df0adcde836570ace0bc
3c0ff616c4a4ba55ac39879cf07c33751bb4f794e56314d63a92e55cda47802a
3cea1bc9d60f7ed01955dc082bb25bac5d531e6a95f06c976913b4b9f52c2daa
3d230ded0d47548eca5bdbda2107399f501a5c06e2cdd900f449fee17541ee76
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de06d17189e15796e7e8f2640a21b655c2d1562e0fdb88df501f9f3138ad42b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef972e539b22bf48cae6e4037754734e6e78760a52d0040580014014c928b00
3f0c2016ec4207a1f68ae53cf67bbd0102e37c451bac9483123aaf2a36b71d5b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
43d395a8ec6d8918aea04372aba3b1609ee79481cf677928925b6daafa09e73c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4441d80afe22505a2610228b3133b20fb8e227a60bcf2f34c61e52299ddf8fa3
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450b99a8f26cbeda4af46867bebc233cc126e696e321b8ba9a4d2e2e2d31dc63
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
465b2c4c6b84c1afd5a97981c0a946be56cdce4ed77188cb0d7c0538353df58e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b9c946d5cc06a76dc2622f8fc4cbea06af1fbf3d9aadbede5a3a8cb3a8a714
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48796da3f7da8b306e2026c33c14a749dd20df3a922a9ed35d8493c3808c44e4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4962af7868680d06521e51125c3a6fcb112c5a476e028016bf1ab23736d97639
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b91c17ed7e0f30dbe51f85b27c376b5d1c509ffae03a73d97583d49696490a5
4c2578a23a9cb035d58f7d90010a0b11922175f96ddfa589dc7510e0f439fa89
4dea00bf10e0e94309b80e6e574a91e18712ade7cbf6107b42093cf60c74f782
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
52923fbd8b1f380954792b9d24d82c2b14c59ebe8718689322afc43526c2bcd8
52b271755c20065434fe7d35e0e5a477a14b649a38bbe78034aaffc7762f126f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b6cd8a88cc0f741f2e3e428ad5d7c0c58598971341db3725bbebd4a7bdc053
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b0ff4b4a981b3e9fffbb84f18d1d74289633194ab15a04c47ceb29973c9f7e
561d75b69f4c05ef2d7335bfc99a1f0cad36d53cdc96d58e506426bc7b18c4dc
56260e98153310a37d99e5366a5a03ca3bd1828e2c565a384aea598a0f07070b
565242a8db7c60f6e17b44e7e38f6ea5c14f1e217a1e69fb869316a5d80b854e
584ac38a54a8e9268303d5b2f97f804a9f5122543515f28d81f6a6065d912fe4
59726d87e72c58a02caa598dae1d09a931f664464849df5c142ebdb5e9f02004
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5c7987d2f26ca9bf8254df658877b74005f2e90d3f477eacc606e011341d8082
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
5dc5f88d4de785d1949d532002c28a8534385d8dcf7b35019dfa3ace764cb9f2
5e270cc0c5a4d0571518dbdf4c5f347fdc16b43cdc920837de0e7bd422607ea7
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
608479402f9a9c10758fa4718f5159928520f0354f3859d72cadd8b90590bc03
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640b6b434c3af20cd693d80b98bc05f8ffea87d29860184c41f6b3489c7cb658
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
664bcdcd633cfe1700f9869f4c1d642de23ab2fbf99d28fe0c4abd80acf4cc71
66f1e07fe881fc78609dbc251da2866d73786f010054045db7c1ba9b89d667ca
674f92c4d629877b811e4b962ea5a4e80883cad7497d3d622ffafae5df275f37
68f9878ec0d1bcae87fa4f7c68767acd4058ec2107e4105646c87aee8334e936
699d6786cba8479229fa412a5b6347e5eedc69308bd776a815b77bd1a443dd3d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf9bb26263ea7f5b18ab30b3d6c86f7df14c3a0d97cb5a67eea10b485f4d338
6c6c150af6f0ce27fdbef6f8e369023bdde241b441afae270693122914bcc50f
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6c7d2a9bfe9ac282d92273c5c5d55b7c16ad2a07a8c3cbf22f446e9f8dbcb1f6
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
71b00f504eb27a71fb020570eaa49f8548244361bf5e063e85bc9369f1eed058
72106031e295659b42808c4d806071f80d95b5ec63d4f1e14fb3799f7ec4cd19
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7685b8c8b0c352fbe006ed5b2f5b8128763e28be5bd78ce79367b4743129b09e
769a30685d5b963d6c6c3dc57444210f92ca3c7b58604b9b2122adcafa351f03
76a44bc76bb7c55cb1c586a52da9da99537e85e0853f6851d7a5a19aae4c3f93
77bcb4c37f64db9971f05424bd125a9d48fa46729effa3c90cfa90bd6d705bd2
7a06a8ebef7061b6c6f768f520d5b98b7a0830c3c3517b3e4f9a99767cf15a9d
7a3543d5f398aaedb9fbf4bade2f2a74505fcdc2b43f11dcfbc9224c345ce113
7acfe1349d1f2ebea60d0a2c9278f4235595740d286d10e6ed91d8ee0f0533fc
7b536ded558ccf7c84991908c01dfea31e4a894e52f68356583027d78d35c706
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c597b3bdf71ceb1e7537f8681fb223dab065719865414921e01688e26a9b4ca
7cc3f5c2779a9f7886d1138b000c3b2f304428dcc74a9623237142f9795bf827
7ce3557eacebff06b6dab13629d491c9e92e47f6d240e3c4a5762d188d203f2e
7d6dde364cc68f0831c481943cdc868017f24e916a5c41f1747b9636273cfda0
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
802e9028483930a2cf1e6cc857183b4404451e72ec9e555845612bacdeec2490
81a7d8a047857c04f34dee91793ff2474128f76e8339511607f80a27179fc65b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8752501a9c32832119ff9cddfe47b8f32e51c97d5abbd6d254d3646ca9e6d665
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b0985500e3236a84c73680579f8da40d6f7505d40f43727bbb9663d22e46df4
8df78a622d3bb2beeb96ec57808c0c1e711a14ccf1a3df971e21da2f561d33a4
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9158b38d44160317b8e6ea028f3403e4762cd377f7f8a401b7802d0aa7c044e9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
918ecb4e1e53542dee3bb52b56c1b0e39dfa622af8f007de26da715ed8a95cee
91bea587558295b681d6c676693313e054b122f81e85eb29b875ea6f68a0868f
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812
928b32acd96edf814334c8e140ab7f46b6a80f2891434a6e1d9a4ad3bb757597
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
942ccdff9127e824951b7e783a5f2a45e01aa2eeb218d7a195c8f33713304a0c
9433f59f632df52f8acc2b5eada79d9d814eaf4a7556b8b2067cbd1f765974a5
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
966360a88a7e084cfc9cb1372ab8443618fa9a8fa8bd89afeb0f67aff0c37452
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99665f6030003d18fb3ad3ca8c848450e17be4400b3ce9ad52d0359abff7daad
99ade1fae800847f7cf96a29237856bd7a4ea1892473a5e0c2aaba595955c103
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ba7fe60f7251f35dd15a59a1d4cc5f856be473241f498f9ec0edc0b1606f99d
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9de4c25b3979875eac99e2816b0675fac41b2f10f4286265801215e997d765bd
9e7b5f7f2437b40f376000a5d11f20b0e4e958363239915d054c071d5bfc492e
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a02e6122bdf996f96119d55a826c29725e0d9e8fd4c28bef941a78ea549af6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a26fda16b09439f709d82b9ec062fb072289bdcc3248dcd636c1100a8699ae6b
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a59ef267e9431c4b2ee6a5f80e0224eb1b9c6072226521be86d2d5b74501424a
a6123255ebd752ae68bf7a6b608c7eab22d39f678f875727d7914880245cea05
a6eded00baf8989a00ae532498c24904285fcf42a8c7d727f2270ac74cd4d56b
a70ba31dc15edb10ee1acd1a95b433145489b893f320bd0b7a070acd3be054d2
a73756a678e8e2a8aa4c3ebec6843b379474c1ecb7bd3124f879157141746475
a7a78545b22f0d63e605a66b029a8e5a156d32938e8c4dd2fb756cf1b1663052
a8f5b8eced6782714d0dcabbba53bc1e6d8e205a338848ea22d59dc1b2bd178c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa338f9f28f12ceffb790ce01497cb31c32a8265f59a82fce44b56ea6af525eb
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae79e9d258d8a5279ebb7b726485c5a74bab661c29617a3b2cc2d5e0741be191
aead40a33b41b4efc902af7dceff5eb6ed1e2c436c2657850d1b9b3de65b4099
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b10da3db8bd92838051a2f554d6d8dab5603d0367606f74610f901b0f18da4ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d
b4351bb8f000ae7aa9d6a168799c09e57a49e6564520b5f25be3488b5075513a
b4dbfeeadd90ab0e35d5ee417185835f74cc08635e1bfbcf9e29c44fed57a5d1
b846ef170dfb8305947448dbeeec8b1054f73573346678f1a4f9f72f981a4c3d
b919dcb87ce9dd2e66882154d391c80a6f91ee4ba3d352fa88657729d61cd6c1
ba1e5134dc2d8f7a128f6af770bb6e17677980509b1b7485f773edf918e2152c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca0006614891e6894f90f9554a22357a4b107f61b3c2e603ddbed42bc2a1b01
bee522edff65917a2a6bf73db010b8de5a7bd6a7c8e0dccd5ef39b0b28302e42
bf41f73936eefaed7c45ed6df28b056c2e1f7b44b0ffe63d56d07d081cf7f428
bfe41c8df307d787c2956ec2242855c8f56d7cb6fe678d952d1a29c039001d86
c00fc21fd70d52ae4d157e55768305f75110de0d445f53404461fbd6bbaf70f1
c0d9da2fa45f8030b01b43e0ba489d55d5e4c9ed0124fd437a780b981b1bda94
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23d5ca3e201d4c79f0b3f980beda9287a056df0f5c8c7ddb087a6d95f671210
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c35559f5e93bdccb8d959fdf5fbda126de7acb2263649eaa210b28055eb495dd
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c634ffc44a7cfef297050fd5b5da23126abe7ef12f5e04f9ccb66d63972ed1e1
c6700c5a885f3443c90d50a4281ab9038d374b8c5edcfe6d7e3f5aa7e1870b7a
c69aafddc08710be73496c338fceccbf98610549f80261fe35615a4a95dd7056
c7ea841400eabc144febb3b627aa518c0e05487165ed4b0fc14767962be595d7
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcb6e5cfa3dcc69a1da402246274b367d57d7f1407ae92db22096948bbc9ce1
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5
cca51d9c2c14af6d9c86da728736661815dc4dce73f465df46f4aa0cd412d52d
cde5a72da3572e4594e1b3b1747ccfced7d7973e4ca720e37bb91d7e5eddab71
ce74de0d00a75934edad3801e57874c463d031f4cb0111e927fec2ff8074d779
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d18ab7f9b2e5f7ea90d96e19784c93f2c61bb63d56ac6f138e9e634bbf3b0fec
d2054b9fb412f742d8d13aa75a48e59b830094999f9000ae8c69916e11b8d805
d246bd4d80252554a59596461a53c7c0a58a8a0d4f30ed623f9337e69beb6a11
d2579d24c31ffb85fbc6b65cc3e0d7dd72c0e3542379483e54c88b0190e9ef49
d388e42955086ee0256d12a7cb6c7d3e253d3107dc7292c0b88cd9e4d65d31a7
d733b0715471845460afe88da1adfc07662b7de25f1a47093fca0c7a2a77966a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d87834a3e4813e502cbc8245782e92f5b2002e06fb09232e62ee409c3e82781c
d9e2d2dc8b1909f31330c3932c2b921577d3da4e0130f292a07f3131ddd34485
da215db3f2d474c22f8365302f29d5ba126a62461fafd34e9ebadeec97d9b150
da4fada3595750f81fdaa0208de38c9526ed2e992e3d9493b8ce5cec75626c30
db18b4517a67f9ef230a1565e4c12259a82913da5e35cad3f64c787fa11a0e67
db464ac95b0b45d3035a4ff3ab97048ea4e5fc01fc90b33c08ab763525a3633a
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
dcad94b6a32ec5030d3516820428da0de61a374e46c97d555b087a78e0ab004a
dd29a94d8e4d6b76b18fff334bd1f11939aa6aa5b55261d62dce91c3ca0d7463
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de72e45b8a4d4fbdc2eea4c174734332b7168789358913a04eadf660d042325d
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0f04de453c30ecdd35b7f19f279f888a0146540947582b180d47f1939516536
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e22a50c334577787dd805c6fec9388d7001fd7bd4a0b92179e39b62b0179edb0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
e49950f678d3573bf2a5ec3b928fb1ecda5d82d53a824cb84d21c72156c61ea6
e4ab78fc12c45e5e87ded01e3c38d555d0c12294a70f1d8aed2d22cd8119c78a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e686afffdb81eb7096b4410071c35601da7a0d6ca21142db65353c99f20e0e13
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e94548097a6e8f312c6fd690fa13f678ea6fea44c125039b0ab235e6983d93c5
ecb740996ce05e9b7823c9690564a0d7b3840becad640d37e929cd4f4ee1cdf4
ecbf82909db5e4cddbc9ed6d0d619b60977d45a5826b0a6505aa9e99a7939000
ed5297f04d86e06325abfc96f65e0f58b051d0b46eda17097408dbec355eb5b9
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f52ed4fb54c0ac3e3adec10f593ffa691a785d2d72c100f6afb29ba38ad37822
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3
f858c1a94ec5d7ebc46acd4254265e5300514ca8817cdc19dd973cc91aca65b5
fbe874c7392bb5beeed5f6b8d017692c5cbc7c540a3582987d83614ec9be2e15
fd84760f0d592333d5d12f51a4ca2b38b77c81e71fad2fa3c0f83a9701275bee
fe5b18d5a1533bfd1c441135aa8e4f401de5eaf3af16dd8abaadae1d66c076f9
fed462ba5f158bfc40e78b0f100ffb6768965b63918853a56a980b293313527b
ff52648b0892f3c55fec9d677eec117c3177feabf1b5bd9d7914b7fa7422b1c5
ffa8224d00f5beeb81f99ee4320499e896e07cf2dfa3690db9f0351d285bb62b