www.investmentwatchblog.com Open in urlscan Pro
2606:4700:20::ac43:4a4a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.investmentwatchblog.com/
Submission: On February 23 via api (February 23rd 2021, 8:10:31 pm UTC) from US

Summary HTTP 157 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 49 domains to perform 157 HTTP transactions. The main IP is 2606:4700:20::ac43:4a4a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.investmentwatchblog.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.

This is the only time www.investmentwatchblog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:20:... 2606:4700:20::ac43:4a4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	65.9.89.93 65.9.89.93	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	34.203.143.197 34.203.143.197	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2600:9000:211... 2600:9000:211e:7a00:4:c961:9640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	54.197.13.220 54.197.13.220	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	34.195.37.70 34.195.37.70	14618 (AMAZON-AES) (AMAZON-AES)
1	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
5	34.197.78.225 34.197.78.225	14618 (AMAZON-AES) (AMAZON-AES)
1	184.30.25.161 184.30.25.161	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
4	65.9.67.221 65.9.67.221	16509 (AMAZON-02) (AMAZON-02)
4	54.76.211.112 54.76.211.112	16509 (AMAZON-02) (AMAZON-02)
3 4	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.84.220.80 54.84.220.80	14618 (AMAZON-AES) (AMAZON-AES)
4	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	35.190.74.222 35.190.74.222	15169 (GOOGLE) (GOOGLE)
1	184.30.24.185 184.30.24.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 18	52.31.141.56 52.31.141.56	16509 (AMAZON-02) (AMAZON-02)
1	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	35.156.223.207 35.156.223.207	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
4 5	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	52.0.219.4 52.0.219.4	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	34.226.8.26 34.226.8.26	14618 (AMAZON-AES) (AMAZON-AES)
1	150.136.25.38 150.136.25.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.132.68 185.29.132.68	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	184.30.20.198 184.30.20.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.53 202.241.208.53	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
157	43

40 2606:4700:20::ac43:4a4a (United States)

ASN13335 (CLOUDFLARENET, US)

www.investmentwatchblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.89.93 (United States)

ASN16509 (AMAZON-02, US)

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.22.230 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.203.143.197 (Brooklyn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-143-197.compute-1.amazonaws.com

ads.investingchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

whatfinger-videos.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:211e:7a00:4:c961:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)

a.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.197.13.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-13-220.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.37.70 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-37-70.compute-1.amazonaws.com

forms.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.197.78.225 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-78-225.compute-1.amazonaws.com

uat5.investingchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.161 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-161.deploy.static.akamaitechnologies.com

s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.67.221 (United States)

ASN16509 (AMAZON-02, US)

dggaenaawxe8z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.76.211.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.220.80 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-220-80.compute-1.amazonaws.com

analytics.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.91.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.74.222 (Kansas City, United States)

ASN15169 (GOOGLE, US)

haltinggold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.31.141.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.22 (United States)

ASN32748 (STEADFAST, US)

pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.36 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.223.207 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.191 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.219.4 (Saddle River, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.8.26 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.68 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.71.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.53 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	investmentwatchblog.com www.investmentwatchblog.com	438 KB
18	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	5 KB
12	dianomi.com www.dianomi.com	68 KB
11	mailmunch.co a.mailmunch.co forms.mailmunch.co analytics.mailmunch.co	137 KB
10	investingchannel.com ads.investingchannel.com uat5.investingchannel.com	920 KB
7	gstatic.com fonts.gstatic.com	121 KB
6	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	21 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	36 KB
5	servenobid.com ads.servenobid.com public.servenobid.com	3 KB
5	b-cdn.net whatfinger-videos.b-cdn.net	117 KB
4	lovelydrum.com lovelydrum.com	105 KB
4	cloudfront.net dggaenaawxe8z.cloudfront.net	233 KB
4	google-analytics.com www.google-analytics.com	38 KB
3	pubmatic.com ads.pubmatic.com image6.pubmatic.com	17 KB
3	outbrain.com 2 redirects sync.outbrain.com	981 B
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	w.org s.w.org	2 KB
3	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	103 KB
3	postrelease.com jadserve.postrelease.com	2 KB
3	buysellads.net cdn4.buysellads.net	168 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	699 B
2	emxdgt.com 2 redirects cs.emxdgt.com	482 B
2	adsrvr.org 2 redirects match.adsrvr.org	920 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	606 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	openx.net 2 redirects us-u.openx.net	637 B
2	avct.cloud 2 redirects ads.avct.cloud	892 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	3 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	56 KB
1	rfihub.com 1 redirects p.rfihub.com	713 B
1	socdm.com 1 redirects tg.socdm.com	692 B
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	contextweb.com 1 redirects bh.contextweb.com	383 B
1	1rx.io 1 redirects sync.1rx.io	307 B
1	bluekai.com 1 redirects stags.bluekai.com	1 KB
1	technoratimedia.com sync.technoratimedia.com	382 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	836 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	614 B
1	onetag-sys.com onetag-sys.com	818 B
1	33across.com pixel.33across.com
1	haltinggold.com haltinggold.com	73 KB
1	googletagservices.com www.googletagservices.com	19 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	ntv.io s.ntv.io	102 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	mailchimp.com cdn-images.mailchimp.com	2 KB
1	fontawesome.com use.fontawesome.com	14 KB
157	49

	Domain	Requested by
40	www.investmentwatchblog.com	www.investmentwatchblog.com ajax.cloudflare.com
17	rtb.gumgum.com	1 redirects g2.gumgum.com
12	www.dianomi.com	www.investmentwatchblog.com www.dianomi.com
9	a.mailmunch.co	ajax.cloudflare.com a.mailmunch.co ajax.googleapis.com
7	fonts.gstatic.com	fonts.googleapis.com
5	uat5.investingchannel.com	ads.investingchannel.com uat5.investingchannel.com
5	fonts.googleapis.com	www.dianomi.com a.mailmunch.co www.investmentwatchblog.com haltinggold.com
5	whatfinger-videos.b-cdn.net	ajax.cloudflare.com whatfinger-videos.b-cdn.net
5	ads.investingchannel.com	ajax.cloudflare.com
4	lovelydrum.com	dggaenaawxe8z.cloudfront.net lovelydrum.com
4	ib.adnxs.com	3 redirects cdn4.buysellads.net
4	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com
4	dggaenaawxe8z.cloudfront.net	ads.investingchannel.com dggaenaawxe8z.cloudfront.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ads.investingchannel.com
3	sync.outbrain.com	2 redirects g2.gumgum.com
3	x.bidswitch.net	3 redirects
3	s.w.org
3	jadserve.postrelease.com	s.ntv.io
3	cdn4.buysellads.net	www.investmentwatchblog.com
2	cs.emxdgt.com	2 redirects
2	match.adsrvr.org	2 redirects
2	ads.pubmatic.com	g2.gumgum.com ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	us-u.openx.net	2 redirects
2	ads.avct.cloud	2 redirects
2	ap.lijit.com	2 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	p.rfihub.com	1 redirects
1	tg.socdm.com	1 redirects
1	cm.g.doubleclick.net	g2.gumgum.com
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.1rx.io	1 redirects
1	stags.bluekai.com	1 redirects
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	onetag-sys.com	public.servenobid.com
1	pixel.33across.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	public.servenobid.com	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	haltinggold.com	lovelydrum.com
1	tpc.googlesyndication.com	lovelydrum.com
1	ad.doubleclick.net	lovelydrum.com
1	pagead2.googlesyndication.com
1	analytics.mailmunch.co
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.googletagservices.com	cdn4.buysellads.net
1	s-jsonp.moatads.com	www.investmentwatchblog.com
1	z.moatads.com	s.ntv.io
1	forms.mailmunch.co	a.mailmunch.co
1	ajax.googleapis.com	a.mailmunch.co
1	www.googletagmanager.com	ajax.cloudflare.com
1	s.ntv.io	ajax.cloudflare.com
1	ajax.cloudflare.com	www.investmentwatchblog.com
1	cdn-images.mailchimp.com	www.investmentwatchblog.com
1	use.fontawesome.com	www.investmentwatchblog.com
157	63

This site contains links to these domains. Also see Links.

Domain
us12.campaign-archive.com
whatfinger-videos.b-cdn.net
eepurl.com
generatepress.com
getadmiral.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
*.investingchannel.com Go Daddy Secure Certificate Authority - G2	`2020-05-26` - `2022-06-01`	2 years	crt.sh
*.b-cdn.net Sectigo ECC Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.mailmunch.co Amazon	`2020-03-25` - `2021-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
forms.mailmunch.co R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.servenobid.com Amazon	`2021-02-12` - `2022-03-13`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
analytics.mailmunch.co R3	`2021-02-13` - `2021-05-14`	3 months	crt.sh
lovelydrum.com R3	`2021-01-01` - `2021-04-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
haltinggold.com R3	`2021-01-12` - `2021-04-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
public.servenobid.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-08-25`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.investmentwatchblog.com/
Frame ID: 7FE974DF5DD8DC78CF876014BBF10B97
Requests: 103 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3374
Frame ID: 139AB6859401A00AA3BC4A73A66D9CC0
Requests: 8 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3374
Frame ID: 9581ACE6846D39EF04FFAB350322959E
Requests: 8 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/simple/scrollbox/index.css
Frame ID: 1D8F6177ED3704845C470D1B4C5B86DE
Requests: 5 HTTP requests in this frame

Frame: https://uat5.investingchannel.com/complete.html
Frame ID: 5085315D4CCCA80302004D01135D287B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 3060F6D170CA7480DDA9520574D7AC93
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F4C3678ACAB9BA068ECA1A125F51039E
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: A8F960E2AD1CFAEDB36D95A1165959CE
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Frame ID: ED05C4F88AF24AEBD7C9841B462093E1
Requests: 13 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D4271%26uid%3D33XUSERID33X
Frame ID: C68C64EFF0BE4951FF55822DDA64FED6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D9926%26uid%3D
Frame ID: A2F05D36722CF06875ACA079A37C1DBD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=41d06035-612b-4a00-bb83-22b47afde833&gdpr=0&gdpr_consent=
Frame ID: ECB7463C63A2E14AE0EC3540239AD160
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YDVhLAAAAFoA3Szr&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr
Frame ID: FE6C7659592070F3768A52D71A863F98
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xYzRiMDA1OS1hNDAzLTRiNDctYjM2ZC0yZjNjZDNiZmMwY2Q=&gdpr=0&gdpr_consent=
Frame ID: 6128F15653ACC491CEEC7FB22045B0C0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 0CAB0595D5FFAEC54A8B349B7EE962D0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=1856d38b-c25e-400a-8597-35bfcc76ea02&t=1616703019
Frame ID: 30DE1F7C3BFAC686B57BBFA2E80EFCA8
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=emx&uid=6695969640990510464brt153901614111019973679f1
Frame ID: CF8DAD00C49EF768076E14D223904B62
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YDVhLMCo5sMAAA04KBoAAAAA
Frame ID: C07DD4B653BA8DDC703639080B2DE233
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871597492722952392
Frame ID: 4684CD1406F535453F13C3F0BA7302EF
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=OXNR9DSDh5jP8B0H0XVe&pi=gumgum&tc=1
Frame ID: 214057CD449D202C2EF8ACDA562D5EB8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A525B1E949F05016AF616069C5CDB8CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

157
Requests

100 %
HTTPS

23 %
IPv6

49
Domains

63
Subdomains

43
IPs

6
Countries

2845 kB
Transfer

8327 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://us12.campaign-archive.com/home/?u=b23beecbe6af6dce5dfd43483&id=6af0db0d33
Title: View previous campaigns.

Search URL Search Domain Scan URL

URL: https://whatfinger-videos.b-cdn.net/widgets/wWidget.php?utm_source=investmentwatchblog.com&utm_medium=wWidget_682d4d68eb&client=682d4d68eb&post=98254

Search URL Search Domain Scan URL

URL: https://whatfinger-videos.b-cdn.net/widgets/wWidget.php?utm_source=investmentwatchblog.com&utm_medium=wWidget_682d4d68eb&client=682d4d68eb&post=98250

Search URL Search Domain Scan URL

URL: https://whatfinger-videos.b-cdn.net/widgets/wWidget.php?utm_source=investmentwatchblog.com&utm_medium=wWidget_682d4d68eb&client=682d4d68eb&post=98246

Search URL Search Domain Scan URL

URL: http://eepurl.com/cvf32n
Title: subscribe

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.investmentwatchblog.com&utm_medium=pb&session=4-23fad4d7-e1dc5c2396a35d183d91b1a3d8824c24-6763652d6575726f70652d7765737431-60356129-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D4862%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D4862%2526uid%253D%2524UID HTTP 302
https://ads.servenobid.com/sync?pid=312&cbimg=4862&uid=6695969640990510464

Request Chain 131

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5668%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5668%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://ads.servenobid.com/sync?pid=310&cbimg=5668&uid=98f823bed68e9356d9785158

Request Chain 132

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=6695969640990510464

Request Chain 133

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=9b01d1bc-059c-4663-b917-4995cb113976&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=b008a318-cad0-4188-be09-062c89db1826

Request Chain 134

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Mzd_8Y1ks7UYhu82jRVGGfhtlRAMJAhNq2GzKWsMeKdu9QCo8rrtI7fm8Pla8Hqp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Mzd_8Y1ks7UYhu82jRVGGfhtlRAMJAhNq2GzKWsMeKdu9QCo8rrtI7fm8Pla8Hqp%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&obuid=ENC(Mzd_8Y1ks7UYhu82jRVGGfhtlRAMJAhNq2GzKWsMeKdu9QCo8rrtI7fm8Pla8Hqp) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

Request Chain 135

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=9a25d2c4-0b34-4a3b-8a30-7efaea58e695

Request Chain 136

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-8a5f3546-0a41-4870-5465-517b67471ef9$ip$82.102.20.235

Request Chain 137

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-4TVJUfl1lxCRKd17WB48qj0rYe14GBsQVP0m

Request Chain 138

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=275f38ea-7613-11eb-973a-65cebf90c77c

Request Chain 140

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://stags.bluekai.com/site/23178?id=2i6RvLEvdsgxQitvsUc4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MTJGZJHMTCFOZSHGZ3YKFUXI5TTKVRTIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MTJGZJHMTCFOZSHGZ3YKFUXI5TTKVRTIJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=2i6RvLEvdsgxQitvsUc4&us_privacy=1---

Request Chain 141

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

Request Chain 142

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=DkI2yjFmgns3&ev=1&pid=558355

Request Chain 144

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=41d06035-612b-4a00-bb83-22b47afde833&gdpr=0&gdpr_consent=

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YDVhLAAAAFoA3Szr&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr

Request Chain 148

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=1856d38b-c25e-400a-8597-35bfcc76ea02&t=1616703019

Request Chain 149

https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=6695969640990510464&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
https://rtb.gumgum.com/usersync?b=emx&uid=6695969640990510464brt153901614111019973679f1

Request Chain 150

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YDVhLMCo5sMAAA04KBoAAAAA

Request Chain 151

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=1871597492722952392

Request Chain 152

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=OXNR9DSDh5jP8B0H0XVe&pi=gumgum&tc=1

157 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.investmentwatchblog.com/ 82 KB
18 KB 825ms
800ms Document
text/html 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33 PleskLin
Resource Hash: 7a4d6b014f162bb7942a749c0e9748442c878c12376a127b5fdd69efe2fadfaf

Request headers

:method: GET
:authority: www.investmentwatchblog.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d9aea563781c3d5bfa566d2e6500ab95b1614111013; expires=Thu, 25-Mar-21 20:10:13 GMT; path=/; domain=.investmentwatchblog.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.0.33 PleskLin
link: <https://www.investmentwatchblog.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
cf-request-id: 08721c911400002b4157094000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3z8vSrqsMHyLgaUijVHt8m8Q4CbOxLoMD1aEanbc9%2BclNoXgWRfK0I7q74SYW%2F5b%2Fmpop3dH1QCOKHMcVkJ5ZKjNmKiMD0sZplJkAPcDJI4ysNMbBY8RFNJ9gIhA%2FjLQqOMkP3eAKr8%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 626396c81b282b41-FRA
content-encoding: br

GET
H2 200 wpsr.min.css
www.investmentwatchblog.com/wp-content/plugins/wp-socializer/public/css/ 21 KB
5 KB 507ms
505ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/wp-socializer/public/css/wpsr.min.css?ver=6.3
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7c5ed260d60e4d9d8528446e01bf0b68448824a68f55099ff34ecd6f3926f305

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Sun, 31 Jan 2021 17:54:17 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6016eec9-5259"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=awjvmbbGxCaYslDFUPdVJU0NXS83asIMGR1%2BdihOTk0bsFRYvYLTR2c46E2tNrrzLf8KZ0CnfS6JmHjsxmPqRSwOJNYNFzqGg8Z8%2BvRlbZTi8G6L08Y3m0PNN%2B7pUqstLsC0WXj3K7s%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e2a2b41-FRA
cf-request-id: 08721c943a00002b417ba1c000000001

GET
H2 200 all.css
use.fontawesome.com/releases/v5.12.0/css/ 56 KB
14 KB 432ms
54ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css?ver=6.3
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 22:46:05 GMT
server: NetDNA-cache/2.2
etag: W/"500d1a92f875b1d96d37a3a3f8f0438c"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 unsemantic-grid.min.css
www.investmentwatchblog.com/wp-content/themes/generatepress/css/ 12 KB
2 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/css/unsemantic-grid.min.css?ver=2.1.2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 445
x-powered-by: PleskLin
cf-request-id: 08721c943b00002b4174272000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"5b01cfb0-3107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fi8NMTfZA0hUAm%2FebnuLR%2Fj6NeLvcrIg%2FKKMe8WFtY5mehDKqAogIgYeTTdxCVs5b2nr%2FZh5g5IIwPmZKRD2OmGngp3QGnapTZlYWMnsxxJrwWEsKb6C1StIF9nJ6xNkOG0qIwbAIwY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e2c2b41-FRA

GET
H2 200 style.min.css
www.investmentwatchblog.com/wp-content/themes/generatepress/ 26 KB
6 KB 527ms
526ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/style.min.css?ver=2.1.2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 36dc85fa3eead781c7395ca140857860d3f0987365d6913bcef6a72ebef5c0ea

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5b01cfb0-69a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DHnexjGXZzOQfbLNu89jCAy67WK%2B650w%2Frucsb5EyC5h5oANMhLYy8ISuID0qw2585qySsjkMs7AcHFvEkp%2FOtuPqPCOgS7GIUR0lfGotUXswMMwXajNG%2Bd0kzrltW%2BJ5hknJbfk6rg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e2d2b41-FRA
cf-request-id: 08721c943b00002b4147b15000000001

GET
H2 200 mobile.min.css
www.investmentwatchblog.com/wp-content/themes/generatepress/css/ 4 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/css/mobile.min.css?ver=2.1.2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bc0ce23ecc3d318f2377595ab471c59af454bbb819fe94ae8d812ac9e609600b

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 445
x-powered-by: PleskLin
cf-request-id: 08721c943b00002b410e2c9000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"5b01cfb0-ea3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8wylG%2B%2Bz0gWpeWqthbuH83Xn9AJ0fv1MqWxMcx7cDbF7%2FgzhhcL6vTuH0Q3RzmUJTCFlLlanNny7JcEVNJPA1Z%2Fc43VfuR1mC9Z508W6OeVD3zk%2BnNuPU15gBkGZKm44otR5WqAvaKM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e2e2b41-FRA

GET
H2 200 style-min.css
www.investmentwatchblog.com/wp-content/plugins/gp-premium/blog/functions/css/ 5 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/gp-premium/blog/functions/css/style-min.css?ver=1.6.2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0476fe5917363f988a25df8d92df534a2814341655c47fd9c322f230e22316d3

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 677
x-powered-by: PleskLin
cf-request-id: 08721c943b00002b412e972000000001
last-modified: Sun, 20 May 2018 19:44:16 GMT
server: cloudflare
etag: W/"5b01d010-1473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cBPrRG6iO4J2n9ZgGy2zA6v%2BwTzNkNMG1Yeasz74qBG4MGJmMSisn6IdwsWBw9fiSf0HFXgkbW1u74ob5DnIre1Yu%2B%2FQA6vhDmQpBU5F6tFDn7i4bO%2F0gxanRcMJ69teMyFfNuLRwNA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e302b41-FRA

GET
H2 200 menu-logo.min.css
www.investmentwatchblog.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
793 B 27ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/gp-premium/menu-plus/functions/css/menu-logo.min.css?ver=1.6.2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2beb932724510672949c6a553ffb444b12101cec749817ade90c38e64b66cf4f

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 677
x-powered-by: PleskLin
cf-request-id: 08721c943f00002b412e973000000001
last-modified: Sun, 20 May 2018 19:44:16 GMT
server: cloudflare
etag: W/"5b01d010-a4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OFewI9n18JfgPjr4wn5OM9%2FBHaMMT9lnD2Y3%2FsB%2BtIcxvaYprKJQCgKSV4AqKLEafJghJp8E1b%2BFAp5r3opnsvJ%2FVo0u1PJD3hX9E0YNoD1KmF4cYxnaqGlkUt80tbssmJyNmNJcDVI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e332b41-FRA

GET
H2 200 mobile-header.min.css
www.investmentwatchblog.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 1 KB
793 B 16ms
15ms Stylesheet
text/css 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/gp-premium/menu-plus/functions/css/mobile-header.min.css?ver=1.6.2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1146493ff21205cb51bd0675c4cc7bcb8d65f2375cb82d48f351f572b44c8dee

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 445
x-powered-by: PleskLin
cf-request-id: 08721c943c00002b4136bf7000000001
last-modified: Sun, 20 May 2018 19:44:16 GMT
server: cloudflare
etag: W/"5b01d010-5ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IugLJeqaFSwwiSWaJYTbmz4XCpTL%2BlE863nQi%2BDuf8Hte46Ag%2BFabnchhHVDl1kXPuOldwHgyBjvND51r6J%2BRA4EN4p72hAanNol2E839yOINVKMOdsj5Z9v7BCd6XnnaP5XMZZFOyE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=1382400
cf-ray: 626396cd2e352b41-FRA

GET
H2 200 logo81.jpg
www.investmentwatchblog.com/wp-content/uploads/2018/05/ 5 KB
5 KB 16ms
15ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2018/05/logo81.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ca1216a67102816cf58e31d36133fe1b936e472e8c56a5fcad88ba1c9d2b0b35

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3373
x-powered-by: PleskLin
content-disposition: inline; filename="logo81.webp"
content-length: 5002
cf-request-id: 08721c943c00002b4177a05000000001
last-modified: Sun, 20 May 2018 20:05:39 GMT
server: cloudflare
etag: "5b01d513-3f22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aZbMVIa0CJYp%2FAuTshw%2FzgSz22yBWZEix%2F7mmqq3aAgJMjZCKOW45CBIj%2BV5fYctyJfAl1%2BDhMX%2BfdoJghsDOmWoFJSMIgjO2APkNdTUZrekcE1DjLvafIriP9Yx6I0P%2BhLZKLZlick%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=jpeg, origSize=16162
accept-ranges: bytes
cf-ray: 626396cd2e372b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Snip20210222_29-560x232-300x124.png
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 15 KB
15 KB 17ms
16ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/Snip20210222_29-560x232-300x124.png
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d3e1b87aa1cbf0245582eb35ac347ef9b037663b683ec62e4e22ee4c2208195d

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5312
x-powered-by: PleskLin
content-disposition: inline; filename="Snip20210222_29-560x232-300x124.webp"
content-length: 15312
cf-request-id: 08721c943c00002b411c349000000001
last-modified: Tue, 23 Feb 2021 04:21:31 GMT
server: cloudflare
etag: "603482cb-5821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cq0Ls7jF121CN5XyP4gJuKkr6TaFraD9987%2FTqNxQ8fHPTl2erZBrSVTbjWpXgWJo6AWTBdFsReAys0vh0U5Vf%2BIw4xamrWKOPAwAe3fktqleHQHVs4oDqB66eEFVV6gwJfZLW9RI%2Bs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=png, origSize=22561
accept-ranges: bytes
cf-ray: 626396cd2e3a2b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 2021-02-22_19-02-15-300x400.png
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 90 KB
91 KB 20ms
20ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/2021-02-22_19-02-15-300x400.png
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d9b0525bae1be3348f09ca6c628c528e2f3b9ab1e2057decb88f673cf4a45a97

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5312
x-powered-by: PleskLin
content-disposition: inline; filename="2021-02-22_19-02-15-300x400.webp"
content-length: 92472
cf-request-id: 08721c943c00002b412592a000000001
last-modified: Tue, 23 Feb 2021 00:02:37 GMT
server: cloudflare
etag: "6034461d-24fdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gsnihX52EQHfbON8sCUWBXBO7Zn4yYG7YBLOyBV9mPeMbDTsWbHyIcj%2FcNJLNKzTJTQZXs01Dl0HBu8DyRI0tMr%2BWjKp6aZZLhhsE0ECN%2FXmhdFzhzA4Dt7ovkzIit4brp1MBXIeFdE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=png, origSize=151519
accept-ranges: bytes
cf-ray: 626396cd2e3b2b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 0-288-300x225.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 16 KB
16 KB 16ms
16ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/0-288-300x225.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0154b0356163d49d8ce700d87dfa7310dc30b8099349b7156f87564678d02d9

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:13 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5312
x-powered-by: PleskLin
content-length: 16454
cf-request-id: 08721c943c00002b410909a000000001
last-modified: Mon, 22 Feb 2021 18:23:25 GMT
server: cloudflare
etag: "6033f69d-4324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fZFIPxi1SKjaw5kiCN%2Fe8EDCSO6Jf7mcL87My6wXs8YG7rXivtCKvI%2BWpyGpk4oIcUoooYtj3BHFSjW9vDNSXjiqYy5WFThxC7GWDzAN0G1x5O6Rsvz1MnyEsYJf0r6P4ob3rC8OPe0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=17188, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cd2e3c2b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bitfalls-1-300x400.png
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 40 KB
40 KB 27ms
26ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/bitfalls-1-300x400.png
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 35745e481d29541472a57dbdfa870d8dbd47d845924f08ec4090009b9fc495c4

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-disposition: inline; filename="bitfalls-1-300x400.webp"
content-length: 40638
cf-request-id: 08721c94ab00002b413d3a1000000001
last-modified: Mon, 22 Feb 2021 18:21:53 GMT
server: cloudflare
etag: "6033f641-10a01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=45vlJgwJzjpTL2TsGCmXWsmvEtISe7599fSKHndM1AWkSO78B09KXxTCsy1PqztRL4dQYdjds1nLOJmF3EaDgPG70r47CsBx0lFLYelJI4S6VJxahLe8TKTRUPTMr8wDX1XeH9vnrqY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=png, origSize=68097
accept-ranges: bytes
cf-ray: 626396cddfb02b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 0-266-300x225.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 9 KB
9 KB 16ms
15ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/0-266-300x225.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e92686f2eecf04d1fd1dafae1c2207d49979cd8780c94f3be47d6de420fe3121

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 8895
cf-request-id: 08721c94ab00002b41339c6000000001
last-modified: Sun, 21 Feb 2021 16:00:54 GMT
server: cloudflare
etag: "603283b6-2305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CgA37dMIrQwtbZsKKjjBF%2FrtugNQ3SiiofedcggjhK5OZRxKxkFOoJ6LQ%2FzWFzR3t8M%2FQyF1ip6a0n9KDpu3q4N5Kx0sU0DiIiGnsI0I%2FOo%2FWaSn2CdlpsFK8PecaPKyNY%2BL%2Fot8iZU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=8965, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cddfb42b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 csm1-300x400.png
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 54 KB
54 KB 14ms
14ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/csm1-300x400.png
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c39e0948dabf36f77f3ca79a23186e4b2d620c88e4b0a1ef7ee65b1218388685

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4421
x-powered-by: PleskLin
content-disposition: inline; filename="csm1-300x400.webp"
content-length: 55044
cf-request-id: 08721c94ac00002b41090a2000000001
last-modified: Tue, 23 Feb 2021 18:49:30 GMT
server: cloudflare
etag: "60354e3a-1414b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zYEtiXFlOIdvLLeRsrAYwuZ6gBhrcdIpOEK%2FOKv2mOWxN9CmP5oAYZRvIBSD6PWcNdr0sP70UlTxg7HMgGtNQkrgGbOlbiSEHmR1b%2FAMx0V2OZnD9e2YUPQrO2yD4SVT2vYwMlOKdIo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=png, origSize=82251
accept-ranges: bytes
cf-ray: 626396cddfb52b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 figure-4_-in-real-terms-average-pay-has-rebounded-from-the-sharp-falls-during-early-summer-2020-in-december-total-and-regular-pay-are-at-a-record-high.png
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 10 KB
11 KB 24ms
24ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/figure-4_-in-real-terms-average-pay-has-rebounded-from-the-sharp-falls-during-early-summer-2020-in-december-total-and-regular-pay-are-at-a-record-high.png
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8e3ec228503e6f2c58b8ae75a4fa721143b8059c534cfc6eabcf9727d01cec64

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4759
x-powered-by: PleskLin
content-disposition: inline; filename="figure-4_-in-real-terms-average-pay-has-rebounded-from-the-sharp-falls-during-early-summer-2020-in-december-total-and-regular-pay-are-at-a-record-high.webp"
content-length: 10236
cf-request-id: 08721c94ac00002b41709b8000000001
last-modified: Tue, 23 Feb 2021 18:45:26 GMT
server: cloudflare
etag: "60354d46-4410"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bt7Klfzb%2BZBnPYVjO8amdBW68T1GpcAGSORBk8JN8W9GcIQML6QbIkhk3T5T%2Bq3hfruaM7TGFD4baS1e7Z8cckTjODwTi8VI38OdUMsTWsOF3j3bqVfq%2F0yE5Y3NHxL3mT69kS0FrpQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=png, origSize=17424
accept-ranges: bytes
cf-ray: 626396cddfb92b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Justice-Thomas-300x202.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 13 KB
13 KB 17ms
16ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/Justice-Thomas-300x202.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a39985f148a96933130712d6358006af0f9fa94bd9eab708357db07b74051cd6

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 13179
cf-request-id: 08721c952600002b4139168000000001
last-modified: Tue, 23 Feb 2021 18:39:53 GMT
server: cloudflare
etag: "60354bf9-44bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0jdJMHs7%2BzvYqT%2FxWqA4vrOtZMznvR84ccRSQrwwoUAO8be6%2Fz0vzwLGWjcqO6dch3SDAE26WFVvhlBOeZiBpqlLSABMwoXHC1zZ2nFVkqZHPzDSFCQ49Xk8yyN%2Fd5eowkbonaUvwXg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=17597, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cea98e2b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Minimum-Wage-2-300x169.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 16 KB
16 KB 19ms
17ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/Minimum-Wage-2-300x169.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4cb7cf5ec60e45e143b99d699644edfd1eee2ce392f4c9c05ec68da7eb9323a9

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 16339
cf-request-id: 08721c952600002b4177a18000000001
last-modified: Tue, 23 Feb 2021 18:39:23 GMT
server: cloudflare
etag: "60354bdb-5343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zVKtCPU8Uf6bFKVHDGag9nK6K1ihD6Y7WmvYWbERJQ23dR6qq4o5LO4u2bDslMMCEFfaFCGw6VgGmNDjr%2FkS5gafr3QTAjt11J8%2Fgp5XeV12B9i%2FcI6wf3dfJBbPzQXHWRDRCG7hOJ0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=21315, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cea9902b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 0-313-300x225.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 12 KB
12 KB 31ms
30ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/0-313-300x225.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6c937330c3e1369e38405cc8fb2ce698787d2029773666fafcb36641e7e96830

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 11958
cf-request-id: 08721c952600002b4171ad2000000001
last-modified: Tue, 23 Feb 2021 18:36:11 GMT
server: cloudflare
etag: "60354b1b-303b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZZGWvzGhYS1hWUkuCv3ue4%2Fnq274HB%2Fr8jXiIdihgaNYnx96z51jx8XQLRQTt7LgSfO1UMyCcax2%2FbI5mdLAa37Pr9yNr0uI4T%2F90SLTUomO3Vu3otMymeB4Z7zcNw1CsbPXeL5aQQg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=12347, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cea9912b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 0-312-300x225.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 11 KB
11 KB 18ms
17ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/0-312-300x225.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5b05f62826ac0cd3f71ff282791d22d8c57f8afadea9f3771a8fdc7712b8221c

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 10853
cf-request-id: 08721c952700002b41709c4000000001
last-modified: Tue, 23 Feb 2021 18:30:46 GMT
server: cloudflare
etag: "603549d6-2bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ooOvZ8qbS%2BqBH8nPlTqCjNitwDzTNKn4NndoFqrKMjGJ9tlKx7dcGmTnmkw9NcGqpmUjqc0YgAkKxAXwboBpHOoGyjzAl%2BXFeW8Z0TlatfmspXKXBtr8aevMADkGv%2FXLjWme6fNwLfc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=11212, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cea9922b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 interest-rates-up-115-percent-how-much-is-enough-feb-22-640x307-300x144.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 13 KB
13 KB 22ms
21ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/interest-rates-up-115-percent-how-much-is-enough-feb-22-640x307-300x144.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3fd98bfcb6d997a89b00f9d0d03307b2f6289f04d58dfe6fa2c78369bdd72617

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 12832
cf-request-id: 08721c952700002b416a167000000001
last-modified: Tue, 23 Feb 2021 18:27:56 GMT
server: cloudflare
etag: "6035492c-33c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sn6XPWHpwjEMtZBt0Vxr9Tg4sKWYsdulc0Pso63vAX%2BU%2BOhUnYGwjbf98HbJyOsF3NAWA5bgMjfEO0S8PHrZgPUfsigHG%2BUCK1jfYZ6FvjWFKsw190aqAKzMFj1h05YpQDowj2onbMY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=13257, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cea9932b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 0-311-300x225.jpg
www.investmentwatchblog.com/wp-content/uploads/2021/02/ 19 KB
19 KB 15ms
15ms Image
image/jpeg 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2021/02/0-311-300x225.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3108ab216f48e2b92b7ca17233d2d4cbbf1136b35b08e06556df4e692cb7194d

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
content-length: 19280
cf-request-id: 08721c952700002b417ba30000000001
last-modified: Tue, 23 Feb 2021 18:27:30 GMT
server: cloudflare
etag: "60354912-4f5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cb6eq5K4CGm7f3AXz2daMymTQUG3mHAdIsiCVtMj%2FRqMGNaYBhmMH8EQeFMuZj3J54W7P4PjvOKD3cdmQHzgmO7Q95g3PjgZIC0xEVaJfd05hPD04zKeokqt0bwGPsWGlx14S%2FVJZ2k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=1382400
cf-polished: origSize=20317, status=webp_bigger
accept-ranges: bytes
cf-ray: 626396cea9962b41-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 165ms
52ms Stylesheet
text/css 65.9.89.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.89.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 12:41:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
Server: AmazonS3
Age: 26954
ETag: W/"ae0fc9b84c30cada1784022044962394"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: Iuw7qYZFl8IexGqFPSaQpffaTxr89h1rexmInMpN0jhIlZmTzmRIIQ==

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 27ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 08721c953800004e44e6b6a000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OLmSYE697mDQh7kfhhQ%2F5988nKa5QXyDZGGkxyK29Z%2FZ0orVbhmvC32eGu8%2Flcn44rsOiCLddz7yrA7GxonzU9FUz5eNXxGJ2O4c3yWVzMzol4GVfug1MdaJQzH1cj%2B3"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 626396cebfea4e44-FRA
expires: Thu, 25 Feb 2021 20:10:14 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 139A 4 KB
2 KB 175ms
126ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=3374

Requested by

Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

531914b68c115a8a32d39538248f5c905e0bc44adaa23f06b0a9b00a91e15e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=3374
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.investmentwatchblog.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.investmentwatchblog.com/

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6596b15780877449a81400cf0c9fe6511614111014; expires=Thu, 25-Mar-21 20:10:14 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/1945/16.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 08721c968a00007373af0e3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 626396d0d9d07373-CPH
content-encoding: br
cf-h2-pushed: </img/a/pss/1945/16.css>

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 9581 4 KB
1 KB 187ms
139ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=3374

Requested by

Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c078209e8ed7678935a3ed9e65aacda6cd62d7c585b484f30323d171482e255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.dianomi.com
:scheme: https
:path: /smartads.epl?id=3374
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.investmentwatchblog.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.investmentwatchblog.com/

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6596b15780877449a81400cf0c9fe6511614111014; expires=Thu, 25-Mar-21 20:10:14 GMT; path=/; domain=.dianomi.com; HttpOnly; SameSite=Lax
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=60; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/1945/16.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
cf-request-id: 08721c968a00007373a8034000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 626396d0d9d17373-CPH
content-encoding: br
cf-h2-pushed: </img/a/pss/1945/16.css>

GET
H2 200 generatepress.woff2
www.investmentwatchblog.com/wp-content/themes/generatepress/fonts/ 1 KB
2 KB 13ms
12ms Font
application/octet-stream 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/fonts/generatepress.woff2
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/style.min.css?ver=2.1.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://www.investmentwatchblog.com/wp-content/themes/generatepress/style.min.css?ver=2.1.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3374
x-powered-by: PleskLin
cf-request-id: 08721c965600002b413d3c9000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"5b01cfb0-4f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=avqpsiIxye1WWnAk9KOMdNkJaW39PbjKIwLQN353pgIOO0JC310iAYrkE%2BJrAtHM8%2Bokkr2%2BX52XZb9Ae33SYLyBJ2BIuSbtuGzo8hXV9bGKP9cFLgrZlDX66YMP4TN%2BEQD2Lwmpoqg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
cache-control: max-age=1382400
cf-ray: 626396d08d4c2b41-FRA

GET
H2 200 wp-socializer.min.js Show response
www.investmentwatchblog.com/wp-content/plugins/wp-socializer/public/js/ 6 KB
2 KB 23ms
22ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/wp-socializer/public/js/wp-socializer.min.js?ver=6.3
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d088dae79b2877b7ca816de6a62fe9ccd5178a409ad88106a75b5792ffdde93d

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 445
x-powered-by: PleskLin
cf-request-id: 08721c969700002b412b227000000001
last-modified: Sun, 31 Jan 2021 17:54:17 GMT
server: cloudflare
etag: W/"6016eec9-186a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TyLXrX9nOhasFSZxaiiPkb3yJv2uwUfzcUp8FWHC0BIDkmPlow4xmjnSlVlXltZAcaL%2F8cPKENvB3tkKRCIOh9jbyR%2BxmYOnzb14lTyfTH3Hg0aPmmnLmcW6uFMb3mutUlpJoAgap48%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe422b41-FRA

GET
H2 200 scripts.min.js Show response
www.investmentwatchblog.com/wp-content/plugins/gp-premium/blog/functions/js/ 1 KB
960 B 18ms
16ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/gp-premium/blog/functions/js/scripts.min.js?ver=1.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8066e6a02d21daf5b20fa4828a764f20a44c2a76f5037e3ae70bef53648285bd

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1426
x-powered-by: PleskLin
cf-request-id: 08721c969800002b4101176000000001
last-modified: Sun, 20 May 2018 19:44:16 GMT
server: cloudflare
etag: W/"5b01d010-591"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a7Ao%2Fh2ZaGqlgAj0Pmv%2BrWAJpt7b0meGmayENFZv2sj%2BsbT70%2BboyAhlESG%2BC5Up6yRxyb3fy2lQOlEgZJ97RAYgwlt%2FfrqNXLKUnTzxwurmttWK%2BL6AASDk5d5YS1NeWFOp1dqGE44%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe4a2b41-FRA

GET
H2 200 infinite-scroll.pkgd.min.js Show response
www.investmentwatchblog.com/wp-content/plugins/gp-premium/blog/functions/js/ 25 KB
7 KB 18ms
16ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/gp-premium/blog/functions/js/infinite-scroll.pkgd.min.js?ver=3.0.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a3dd164cb3f89e244d280ab9066876d16ae4dc0b6c5a9759f8ca801ddb9f976e

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2208
x-powered-by: PleskLin
cf-request-id: 08721c969900002b413d3cf000000001
last-modified: Sun, 20 May 2018 19:44:16 GMT
server: cloudflare
etag: W/"5b01d010-62b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aUL87CSOMyQRc1RXL5vR2eyl32wUh53KxvET%2Bu3TkAu%2Bd8kMB2FCcDx%2FDOeFCK3kXOvDjWmAM%2Fp%2BSiyC1UYpM%2FM%2BAU5Siuf6xrLs9HD2v4vensdDqWUp8o%2F1MXJHLLmawA21r1oQCBA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe4f2b41-FRA

GET
H2 200 back-to-top.min.js Show response
www.investmentwatchblog.com/wp-content/themes/generatepress/js/ 689 B
689 B 25ms
23ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/js/back-to-top.min.js?ver=2.1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 71fd58c2bd32aa7d0053733d7b70a007edbaa5e446afd0afa3dea57cde220b26

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 445
x-powered-by: PleskLin
cf-request-id: 08721c969900002b418113d000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"c1d3e-2b1-56ca8635a47ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h%2BDn7VJ%2FSLxiNoEtw0EjopkmAComg8JOiwpexiBacnMSXI4c%2BaREYRPRB32U2ymYc6WNrbzyh8uYwtgFHrRnkZ%2BxNXvCUVmqTzkNo96Z8jkIO1kaUYrsUk7w63J4O87%2F18zhRjHLiPo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
x-accel-version: 0.01
cache-control: max-age=1382400
cf-ray: 626396d0fe502b41-FRA

GET
H2 200 navigation-search.min.js Show response
www.investmentwatchblog.com/wp-content/themes/generatepress/js/ 2 KB
935 B 23ms
19ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/js/navigation-search.min.js?ver=2.1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c07c910d95c18bc977c4f7af02eca414faabfed1fd63b9aa4657bf36f8222798

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 678
x-powered-by: PleskLin
cf-request-id: 08721c969a00002b4150043000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"5b01cfb0-81b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pi424wtW8CTko4%2FZAAUgOybq8iX1kGffiV%2FxqrO7FkwXvjcK3VgA43%2BaAsUwr8B1gLDTj0CHXtrd8QOtEucdmWvzDjb0UTuHw41YuOwN%2BikRIlH1W6a6piDTgAHbpszEEih347F8pMU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe562b41-FRA

GET
H2 200 a11y.min.js Show response
www.investmentwatchblog.com/wp-content/themes/generatepress/js/ 2 KB
1 KB 18ms
15ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/js/a11y.min.js?ver=2.1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 972a6f0dcd21e5ba790542f6775899e5c2e019771309de7d11623dea442ffeae

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 678
x-powered-by: PleskLin
cf-request-id: 08721c969b00002b41742a1000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"5b01cfb0-87c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zNfyTFDm%2BdhQxCLrRRwkgCSvscmpFD2qrVFT6IY%2FIzYeyoJEz9%2BJHTfd9YDoRmTXAaV12UIkPMCX9H5BIoo2%2FJ9jG%2FsVSbpa4OgmV5DDSe7ayogzSgfsL4ReD1y7vedBN%2B16cjKhUVI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe572b41-FRA

GET
H2 200 menu.min.js Show response
www.investmentwatchblog.com/wp-content/themes/generatepress/js/ 4 KB
1 KB 23ms
17ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/themes/generatepress/js/menu.min.js?ver=2.1.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 323f0b2229d38b81a01d5f9d0353ef8c91ab4fd8f5086403d5a66305a702705f

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 678
x-powered-by: PleskLin
cf-request-id: 08721c96a000002b41169c3000000001
last-modified: Sun, 20 May 2018 19:42:40 GMT
server: cloudflare
etag: W/"5b01cfb0-108c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cUjvUqpSaugR9Vc%2BMwQyzwIvKUmwSkqQ0rspqUtTekQoY71wXK%2FT%2Bv4kXAbltNtKxbENSIirOxQ%2Bq2hcfX7IFdsC9iwQQfCxDJUaUgfo101rlOZCpyVy09L7xafQ1YdKJl%2BtYcOgEcE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe692b41-FRA

GET
H2 200 layer.js Show response
www.investmentwatchblog.com/wp-content/plugins/advanced-ads-layer/public/assets/js/ 26 KB
6 KB 23ms
17ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/advanced-ads-layer/public/assets/js/layer.js?ver=1.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4505d8c682a796cf6bf1101374e0fedad0e1b29e6f7d19c0ba7e8e6bead61134

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6149
x-powered-by: PleskLin
cf-request-id: 08721c96a000002b41090ca000000001
last-modified: Sat, 09 Jun 2018 11:59:11 GMT
server: cloudflare
etag: W/"5b1bc10f-69c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PXGdwbpCxtZri7TK2Q23n7zJwP7%2FvhQNo8Blgkrto8KHshoO340jCRiaEZ0aZW14R9OMOFpRS87vYYOKp7afDyI6l9o5x5AeFSc2jpw8CSHKajrMZ154AVh4s%2FU4pRROZhbcC2JBSLg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe6a2b41-FRA

GET
H2 200 sticky.min.js Show response
www.investmentwatchblog.com/wp-content/plugins/gp-premium/menu-plus/functions/js/ 8 KB
3 KB 24ms
19ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=1.6.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6448e246b89c0b8b044354b947c103c6e5392b147dc9145059e21b0c29532de7

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 678
x-powered-by: PleskLin
cf-request-id: 08721c96a000002b416b8d6000000001
last-modified: Sun, 20 May 2018 19:44:16 GMT
server: cloudflare
etag: W/"5b01d010-1e83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ABDQAo7h7%2FL2NFT%2BnzVS28JI6Rkv7gYV%2Bdw%2BoENs9WXAKMava4YavNXX08bffea71LWLGBPm9UFMpUX1Vr%2F1e4OOvdcTlWTi1zUAY8wB4TfyFsu1rif9WbM9IJ%2BiB4Ci6pDfyYFRuEc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe6b2b41-FRA

GET
H2 200 300x384.js Show response
ads.investingchannel.com/adtags/investmentwatchblog/economics/ 676 KB
182 KB 651ms
408ms Script
text/javascript 34.203.143.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/300x384.js?pc=pc&
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.143.197 Brooklyn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-143-197.compute-1.amazonaws.com
Software: nginx/1.9.9 + Phusion Passenger 5.0.23 / Phusion Passenger Enterprise 5.0.23
Resource Hash: d9ce9fbb2e327378cbd641ee1b0fb5d87523c44a9a8f44ce0988b7a5174ed656

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.026768
date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: gzip
etag: "W/a8f4790b79d5c62a1b3c3b9a8e0799c2"
server: nginx/1.9.9 + Phusion Passenger 5.0.23
x-powered-by: Phusion Passenger Enterprise 5.0.23
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200 OK
cache-control: max-age=3300, private, must_revalidate=true
x-request-id: 3add61cc24741c7344f6cfede488ca27
content-type: text/javascript; charset=utf-8
x-rack-cache: miss
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 300x250.js Show response
ads.investingchannel.com/adtags/investmentwatchblog/economics/ 676 KB
182 KB 451ms
208ms Script
text/javascript 34.203.143.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/300x250.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.143.197 Brooklyn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-143-197.compute-1.amazonaws.com
Software: nginx/1.9.9 + Phusion Passenger 5.0.23 / Phusion Passenger Enterprise 5.0.23
Resource Hash: 7b77e3ada963c7cabf2c7fcd33753be6bd71103785324ca5813fbadb5d021b6c

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.021987
date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: gzip
etag: "W/91ad3e738201eb68db6a56bcfb742186"
server: nginx/1.9.9 + Phusion Passenger 5.0.23
x-powered-by: Phusion Passenger Enterprise 5.0.23
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200 OK
cache-control: max-age=3300, private, must_revalidate=true
x-request-id: da2c9e8bf4c0c443939656913a7c77f9
content-type: text/javascript; charset=utf-8
x-rack-cache: miss
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 new-wfw.js Show response
whatfinger-videos.b-cdn.net/widgets/ 9 KB
3 KB 41ms
6ms Script
application/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfinger-videos.b-cdn.net/widgets/new-wfw.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

BunnyCDN-DE1-481 /

Resource Hash

f71e15d7f174e73ec1faab8960cff7cd4c3d6bd29a0f808297093d58391f1a9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 481
access-control-allow-origin: *
x-sucuri-cache: MISS
cdn-cachedat: 2021-02-22 17:09:08
cdn-pullzone: 197355
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Nov 2020 15:04:55 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 09510555-c90d-4761-bbc4-cfc60cb0182b
cache-control: public, max-age=3600
x-sucuri-id: 15019
cdn-requestid: 13c01952cb79a171425017c9af7d40b5
cdn-requestcountrycode: DE
link: <https://choiceclips.whatfinger.com/widgets/new-wfw.js>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 300x250,320x50.js Show response
ads.investingchannel.com/adtags/investmentwatchblog/economics/ 676 KB
182 KB 643ms
400ms Script
text/javascript 34.203.143.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/300x250,320x50.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.143.197 Brooklyn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-143-197.compute-1.amazonaws.com
Software: nginx/1.9.9 + Phusion Passenger 5.0.23 / Phusion Passenger Enterprise 5.0.23
Resource Hash: 9c0ea64fd6dca16776cc9ce5de507292245310f7f4f8e59aabdaa2e5124a9fde

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.023154
date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: gzip
etag: "W/7e585e76ddfd879750e5c3e8385e488c"
server: nginx/1.9.9 + Phusion Passenger 5.0.23
x-powered-by: Phusion Passenger Enterprise 5.0.23
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200 OK
cache-control: max-age=3300, private, must_revalidate=true
x-request-id: 250f04b6c0982f0d2bedb8002fa5a148
content-type: text/javascript; charset=utf-8
x-rack-cache: miss
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 970x250,970x90,728x90.js Show response
ads.investingchannel.com/adtags/investmentwatchblog/economics/ 676 KB
182 KB 650ms
408ms Script
text/javascript 34.203.143.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.143.197 Brooklyn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-143-197.compute-1.amazonaws.com
Software: nginx/1.9.9 + Phusion Passenger 5.0.23 / Phusion Passenger Enterprise 5.0.23
Resource Hash: 1ba590ee46c5f9269e17ad1222c167fb85ed76fef34248d8a807d4c67f170791

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.027961
date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: gzip
etag: "W/bb9304e826358d21ad0a8b77dbab4949"
server: nginx/1.9.9 + Phusion Passenger 5.0.23
x-powered-by: Phusion Passenger Enterprise 5.0.23
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200 OK
cache-control: max-age=3300, private, must_revalidate=true
x-request-id: 39ae73523a1dbf89897fdd77f261bf4c
content-type: text/javascript; charset=utf-8
x-rack-cache: miss
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 348 KB
102 KB 157ms
76ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 20:10:14 GMT
Content-Encoding: gzip
x-amz-request-id: 37C7D0B967DB5D1E
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: Iye3KmFluoftYKAPwSwkW4mHcopd2bxyCi4PvNeLUpgGy5aRAYCtYqAtVs6GEbLp1db1JagubHA=
Last-Modified: Fri, 05 Feb 2021 18:53:22 GMT
Server: AmazonS3
ETag: "f26986557d331d9bccef002058601094"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 site.js Show response
a.mailmunch.co/app/v1/ 24 KB
8 KB 39ms
6ms Script
text/javascript 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/site.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d325c0f0224c5715012d6ec9f9272eae60b4636662496b65e7ca4e1490c2f90b

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 10:56:28 GMT
content-encoding: gzip
age: 33227
x-cache: Hit from cloudfront
content-length: 8161
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 11:27:17 GMT
server: AmazonS3
etag: "0bf2355e0b4a468edc6e8be7eae0d577"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: H_YhVxRG6Il9QuvGmRVzvSB0bduVAWlLt5hyNllpXi0qbSkXX_ANDQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 74ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2133317-5

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e7a1b22f9ef3ab49a03089b308c59a15a47c03d8ff457ca3ae55fdb764a24a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39255
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 18:37:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Feb 2021 20:10:14 GMT

GET
H2 200 cfp.min.js Show response
www.investmentwatchblog.com/wp-content/plugins/advanced-ads-pro/modules/click-fraud-protection/assets/js/ 4 KB
2 KB 23ms
19ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/advanced-ads-pro/modules/click-fraud-protection/assets/js/cfp.min.js?ver=2.1.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 754970eaac11fed3c9d4af1cd0c433507dc6886aa484c4530d17b3d6c73d1b1d

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
cf-request-id: 08721c96a100002b412e9ad000000001
last-modified: Sun, 20 May 2018 19:45:36 GMT
server: cloudflare
etag: W/"5b01d060-f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8GG3aMBMsBNPHcJ%2FP3nIcPPX3MnVwUQYcJqLKKL%2FYmWNOr%2B7UBsxiW24vw80Kpx3HpyigDMbSFNG%2FAA8y4G9QmR0%2FQp6ttp9BQaBtyfqBLQeQQQf8F%2Br18tefLUn4vrqxMB9InOwU3I%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe6c2b41-FRA

GET
H2 200 conditions.min.js Show response
www.investmentwatchblog.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/ 776 B
553 B 35ms
31ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.1.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
cf-request-id: 08721c96a200002b4154800000000001
last-modified: Sun, 20 May 2018 19:45:36 GMT
server: cloudflare
etag: W/"e077f-308-56ca86dd0dff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fxhmZEqs5lBZqRtPkftCgBC3iirA%2FGCttEPeqeaWaCXfjBFCiQc7c30LrJCeJvwESzqB9AwY8JtvQQX7xihdSwPR144gRPUeaRN69ImJz7MyArqNzGFdd6LJuWLefPYuIFnPK4sQDa0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
x-accel-version: 0.01
cache-control: max-age=1382400
cf-ray: 626396d0fe722b41-FRA

GET
H2 200 script.js Show response
www.investmentwatchblog.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/ 3 KB
1 KB 29ms
25ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/advanced-ads-responsive/public/assets/js/script.js?ver=1.7.3
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
cf-request-id: 08721c96a200002b412b228000000001
last-modified: Sun, 20 May 2018 19:45:22 GMT
server: cloudflare
etag: W/"5b01d052-b92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pjjpnkfs3mLRKMa7lT%2BdR3codLIW0AseSBjYdsiqyavbp4yU5iipQEpg5eA9NRKfwOKc5ajkg8jkEnp59cHCKh6TGI%2BM%2F9iOeQFNsWXUBH%2FNhQSL7KCSI87k0oThQVdd6pnw6FKKi3A%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe742b41-FRA

GET
H2 200 advanced.js Show response
www.investmentwatchblog.com/wp-content/plugins/advanced-ads/public/assets/js/ 6 KB
2 KB 28ms
25ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.js?ver=1.8.29
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 600b305f590e26b3e541ee144b681e02d18a21a8717aa242b1526fe49cbf7a13

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5313
x-powered-by: PleskLin
cf-request-id: 08721c96a200002b4139186000000001
last-modified: Sun, 20 May 2018 19:46:19 GMT
server: cloudflare
etag: W/"5b01d08b-1696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NG6Rghy%2BzU8mmztQapQapsdQ24ILLxzgVW016XtVnLwcizDpWH6zmfcqSL%2BG79yddlTZA4p%2BvoHanM4G2OO07QoU4UpHKxlBj%2FK28OLVc8%2BzCa1Y2Fkpk6z9abeQkTANbaZ0yjNW10U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe762b41-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.investmentwatchblog.com/wp-includes/js/jquery/ 10 KB
4 KB 22ms
19ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 445
x-powered-by: PleskLin
cf-request-id: 08721c96a200002b415a93a000000001
last-modified: Fri, 20 May 2016 10:11:28 GMT
server: cloudflare
etag: W/"573ee2d0-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q4r4Kx%2B%2F6WC4OkYrT8tpZyHPwWH8I3l7arWO7nhfu4Nw6sB6LITnUiJtTGoiZBwF9eorHItCpSkFus7PayfO8aN6HNUZSKRXNZt07IMzmEH46fqrojoOLW66%2Fnm5toODUVyQ9h6jMuU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe782b41-FRA

GET
H2 200 jquery.js Show response
www.investmentwatchblog.com/wp-includes/js/jquery/ 95 KB
32 KB 24ms
21ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 678
x-powered-by: PleskLin
cf-request-id: 08721c96a300002b411c37c000000001
last-modified: Thu, 05 Sep 2019 09:48:38 GMT
server: cloudflare
etag: W/"5d70d9f6-17a6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=y2h0uvT%2B8QEidz6g69XV5etI4HYAd99%2FufsxK4JcMZWUHWj6h1apALFkCFthZBLSZbfoye%2BNu%2BJOAAi9T3EvTmeimWFUrsHJO%2BqGc4PnWBHf2puY8VVQe3Y4CbllgoNz6aegjREuH%2Fc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d0fe7a2b41-FRA

GET
H2 200 16.css
www.dianomi.com/img/a/pss/1945/ Frame 139A 2 KB
1 KB 4ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/1945/16.css

Requested by

Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d78ab2b1f952707d4105e5459a8476debeaaaa453f38c54bbc4c8f61ed3404a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 171024
cf-polished: origSize=2987
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 10:47:57 GMT
server: cloudflare
etag: W/"bab-5ba07bcbe7744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c96ee0000737354028000000001
cf-ray: 626396d17ae77373-CPH
cf-bgj: minify

GET
H2 200 WC3ATCVDvh2@LTe9i9rxYAAAABM.png
www.dianomi.com/img/uploads/ Frame 139A 1 KB
1 KB 48ms
44ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/WC3ATCVDvh2@LTe9i9rxYAAAABM.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 509742
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="WC3ATCVDvh2@LTe9i9rxYAAAABM.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Aug 2020 16:33:54 GMT
server: cloudflare
etag: "f64-5ac380de33e55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c9716000073739f871000000001
accept-ranges: bytes
cf-ray: 626396d1bb667373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 290x153.jpg
www.dianomi.com/img/a/sav2/126583/3/ Frame 139A 12 KB
13 KB 54ms
52ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/126583/3/290x153.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf0bdccae0b06065bc72d99ca48cad4da67f250a9fe21f433d86f476d94ffee

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 467414
cf-polished: qual=85, origFmt=jpeg, origSize=59781
content-disposition: inline; filename="290x153.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 12654
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Jan 2021 06:37:54 GMT
server: cloudflare
etag: "e985-5b89a255a020a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c97170000737368202000000001
accept-ranges: bytes
cf-ray: 626396d1bb6d7373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 290x153.jpg
www.dianomi.com/img/a/sav2/196153/2/ Frame 139A 13 KB
14 KB 47ms
45ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/196153/2/290x153.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89eef512442e9d81f72de59a73e3934bd7b2bf767775008912ae71cbbe4c822

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 182940
cf-polished: qual=85, origFmt=jpeg, origSize=27638
content-disposition: inline; filename="290x153.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 13658
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jan 2021 07:29:29 GMT
server: cloudflare
etag: "6bf6-5b9c89d6ceb7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c9718000073736d8ee000000001
accept-ranges: bytes
cf-ray: 626396d1bb6f7373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 290x153.jpg
www.dianomi.com/img/a/sav2/120905/4/ Frame 139A 4 KB
4 KB 82ms
80ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/120905/4/290x153.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fda6d9431c98b7a20a2bab002d5090da8fbd38a903351f5d36f2ee9e769270d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 871307
cf-polished: qual=85, origFmt=jpeg, origSize=9990
content-disposition: inline; filename="290x153.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 3900
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Dec 2020 00:06:22 GMT
server: cloudflare
etag: "2706-5b610f2316753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c971800007373983bb000000001
accept-ranges: bytes
cf-ray: 626396d1cb727373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 css
fonts.googleapis.com/ Frame 139A 2 KB
636 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/1945/16.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/img/a/pss/1945/16.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 18:55:32 GMT
server: ESF
date: Tue, 23 Feb 2021 20:10:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 20:10:14 GMT

GET
H2 200 16.css
www.dianomi.com/img/a/pss/1945/ Frame 9581 2 KB
816 B 24ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/1945/16.css

Requested by

Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d78ab2b1f952707d4105e5459a8476debeaaaa453f38c54bbc4c8f61ed3404a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 171024
cf-polished: origSize=2987
strict-transport-security: max-age=60; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 10:47:57 GMT
server: cloudflare
etag: W/"bab-5ba07bcbe7744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c96f90000737356b6f000000001
cf-ray: 626396d18b057373-CPH
cf-bgj: minify

GET
H2 200 WC3ATCVDvh2@LTe9i9rxYAAAABM.png
www.dianomi.com/img/uploads/ Frame 9581 1 KB
1 KB 60ms
60ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/uploads/WC3ATCVDvh2@LTe9i9rxYAAAABM.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 509742
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="WC3ATCVDvh2@LTe9i9rxYAAAABM.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Aug 2020 16:33:54 GMT
server: cloudflare
etag: "f64-5ac380de33e55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c9724000073736d8ef000000001
accept-ranges: bytes
cf-ray: 626396d1db967373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 290x153.jpg
www.dianomi.com/img/a/sav2/126583/3/ Frame 9581 12 KB
12 KB 74ms
73ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/126583/3/290x153.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf0bdccae0b06065bc72d99ca48cad4da67f250a9fe21f433d86f476d94ffee

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 467414
cf-polished: qual=85, origFmt=jpeg, origSize=59781
content-disposition: inline; filename="290x153.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 12654
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Jan 2021 06:37:54 GMT
server: cloudflare
etag: "e985-5b89a255a020a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c9726000073737f947000000001
accept-ranges: bytes
cf-ray: 626396d1dba37373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 290x153.jpg
www.dianomi.com/img/a/sav2/120905/4/ Frame 9581 4 KB
4 KB 54ms
54ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/120905/4/290x153.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fda6d9431c98b7a20a2bab002d5090da8fbd38a903351f5d36f2ee9e769270d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 871307
cf-polished: qual=85, origFmt=jpeg, origSize=9990
content-disposition: inline; filename="290x153.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 3900
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Dec 2020 00:06:22 GMT
server: cloudflare
etag: "2706-5b610f2316753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c972600007373c9279000000001
accept-ranges: bytes
cf-ray: 626396d1dba57373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 290x153.jpg
www.dianomi.com/img/a/sav2/196153/2/ Frame 9581 13 KB
13 KB 59ms
59ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/196153/2/290x153.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89eef512442e9d81f72de59a73e3934bd7b2bf767775008912ae71cbbe4c822

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/smartads.epl?id=3374
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 182940
cf-polished: qual=85, origFmt=jpeg, origSize=27638
content-disposition: inline; filename="290x153.webp"
strict-transport-security: max-age=60; includeSubDomains
content-length: 13658
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Jan 2021 07:29:29 GMT
server: cloudflare
etag: "6bf6-5b9c89d6ceb7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 06:10:14 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-request-id: 08721c9727000073738d1eb000000001
accept-ranges: bytes
cf-ray: 626396d1dba77373-CPH
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 139A 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://fonts.googleapis.com/css?family=Roboto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 402275
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:39 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9581 2 KB
978 B 62ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/1945/16.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/img/a/pss/1945/16.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 18:57:47 GMT
server: ESF
date: Tue, 23 Feb 2021 20:10:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 20:10:14 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9581 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dianomi.com
Referer: https://fonts.googleapis.com/css?family=Roboto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:25:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 402275
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:25:39 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.investmentwatchblog.com/wp-includes/js/ 12 KB
4 KB 26ms
26ms Script
text/javascript 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.investmentwatchblog.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.16
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 678
x-powered-by: PleskLin
cf-request-id: 08721c978700002b41090de000000001
last-modified: Thu, 02 Aug 2018 21:48:35 GMT
server: cloudflare
etag: W/"5b637c33-2efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K2DQtyi7K46JwjR21qmy%2FfdRQ5UyrO8VcaCDAO%2F4oGSf7CAaVz1P7v1DcsFmfxiIMm3IvdTYjHg6ImE2DNed2ZZbaFpPxHMqyuIB6WNFTUcaaFJv00cda7ji%2FsBlmMagGAy1LEIV1mg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1382400
cf-ray: 626396d279b72b41-FRA

GET
H2 200 investmentwatchblog.js Show response
cdn4.buysellads.net/pub/ 463 KB
167 KB 517ms
430ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/investmentwatchblog.js?1614111000000
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a3d4babfc3b383e22367d8d85490d13d6897fabe0c638a95ba58265735930f6

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 20:07:46 GMT
server: NetDNA-cache/2.2
x-amz-request-id: DB9C0D67BA7FE03B
etag: W/"7777b279196eb1104c58d01ff328774f"
x-cache: MISS
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: Iu1tHl4paS4O6+GK7dnorRkdpBAFtChSJyh8A5C0PzCvoh64Bf7lZhCILSzPeVIybluByDH52QI=
expires: Fri, 18 Feb 2022 20:10:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 18:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5430
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 18:39:44 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 419ms
183ms Script
text/javascript 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.investmentwatchblog.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 1e0e612af1b17240c1c0945e073f6593066cbdac0665a1d1676e61183dde8f3e

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 710
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2133317-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1377
date: Tue, 23 Feb 2021 19:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 21:47:17 GMT

GET
H2 200 styles.css
a.mailmunch.co/app/v1/ 21 KB
3 KB 6ms
6ms Stylesheet
text/css 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/styles.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 11:02:07 GMT
content-encoding: gzip
age: 119288
x-cache: Hit from cloudfront
content-length: 2274
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 11:27:24 GMT
server: AmazonS3
etag: "2dbdce696e2921cdb66ba44db263cc8d"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: iaI0yOrpEHZaSubls4K5ty_uMJHaSqGTwuYJj89HiUh5z3v3tG5qlw==

GET
H/1.1 200
OK 514656 Show response
forms.mailmunch.co/sites/ 89 B
574 B 395ms
141ms XHR
application/json 34.195.37.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.mailmunch.co/sites/514656
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.37.70 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-37-70.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 776e70a22f33932845cbb091c963a200d4726dbf863ed2768c49edf721a9dc06

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 20:10:15 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"59-X3s+U1iXdasajzp3z4L7/FmCShA"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length: 89

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
396 B 46ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=885418881&t=pageview&_s=1&dl=https%3A%2F%2Fwww.investmentwatchblog.com%2F&ul=en-us&de=UTF-8&dt=Investment%20Watch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=84311170&gjid=1515609046&cid=144134692.1614111015&tid=UA-2133317-5&_gid=2097038479.1614111015&_r=1&gtm=2ou2a1&z=999647480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentwatchblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 32ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=885418881&t=timing&_s=2&dl=https%3A%2F%2Fwww.investmentwatchblog.com%2F&ul=en-us&de=UTF-8&dt=Investment%20Watch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1657&pdt=241&dns=9&rrt=0&srt=799&tcp=15&dit=1432&clt=1441&_gst=1745&_gbt=1766&_cst=1690&_cbt=1695&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=144134692.1614111015&tid=UA-2133317-5&_gid=2097038479.1614111015&_slc=1&z=394004237

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.investmentwatchblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings-1614083327.json Show response
a.mailmunch.co/forms-cache/514656/ 3 KB
1 KB 24ms
10ms XHR
application/json 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/514656/settings-1614083327.json
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc2e21bf484f4a4aadfa0c9b8f9a7bb0d831ea32d3f2da21aa1d759d21adc58

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:29:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 27634
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 23 Feb 2021 12:28:55 GMT
server: AmazonS3
etag: W/"d8e341c2acc4b9569591a634cbbc274f"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
via: 1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: DS10Nr_J0XotzSdlCHSSeqzCmW7K4tdIgkBrIJ1ZYIe-nFE54JVbZw==

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 177ms
59ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=2914
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: CS9MEKCGDH7JCG1W
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=32419
accept-ranges: bytes
content-length: 55696
x-amz-id-2: rMXNPsQIb+mKYD29FMB15RdFUqe9Tfou6CShBIvY7hnXxvkZDIoIUnmVywqGcHl6qM8T7VVwN8E=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 134ms
134ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=79b93361-d909-4391-b4de-6adc27669036&ntv_fl=zOcEDJFzfNKR6SyJk0keXkrKNyyGdCSl2ChbV7U_SZE=&ntv_ht=J2E1YAA&ntv_at=303,302&ntv_a=AAAAAAAAAAs_QDA&ord=1614111015276&ntv_dpl=1041,1009,1011,1028,1029,1016,1034,1050,1003,1019,1006,1007&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:15 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 134ms
133ms Image
image/gif 54.197.13.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=259251&ntv_gdpr_consent=&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.13.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-13-220.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:15 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 embedded.js Show response
a.mailmunch.co/app/v1/ 4 KB
2 KB 6ms
6ms Script
text/javascript 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/embedded.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48f097fa20655292e0e8fab980a1cbe86f212d8d2e522cddda6e5c1b79377b55

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 01:39:15 GMT
content-encoding: gzip
age: 153061
x-cache: Hit from cloudfront
content-length: 1091
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 11:27:17 GMT
server: AmazonS3
etag: "fcc22b2cb09cd67cb302be9c9b81a674"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: COH4_mZqfFuFoTLn69vNhNQ_u1XnbGrblkZC4IIanF7PdLljcbn74w==

GET
H2 200 scrollbox.js Show response
a.mailmunch.co/app/v1/ 3 KB
2 KB 6ms
6ms Script
text/javascript 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/scrollbox.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cf70940d7d6c5844d4bfc98566852f08b580bafbc424f26310c31063a0bfced

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 13:12:40 GMT
content-encoding: gzip
age: 111456
x-cache: Hit from cloudfront
content-length: 1055
access-control-allow-origin: *
last-modified: Fri, 19 Feb 2021 11:27:18 GMT
server: AmazonS3
etag: "3a377715542d4bf8a5ad8bfdadbe8410"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: ipdTEgKKWuZPe9zgWy29KK1A712QWGnC6wdxQJeTCD3t82vQ7sLtCA==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ads.investingchannel.com
URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1378
date: Tue, 23 Feb 2021 19:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 21:47:17 GMT

GET
H2 200 97d4d1d-b83b-45e3-8f2e-11f972de5c44 Show response
uat5.investingchannel.com/data/ 40 KB
10 KB 409ms
145ms XHR
application/json 34.197.78.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/data/97d4d1d-b83b-45e3-8f2e-11f972de5c44?browsersize=1600x1200&consentsknown=null&usprivacy=&pageurl=https%3A%2F%2Fwww.investmentwatchblog.com%2F
Requested by: Host: ads.investingchannel.com
URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.78.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-78-225.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: ba00c79529243f195c70a6cdfa846c16d05554744d285e8e18a39d64e40ace9e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
server: Jetty(9.4.12.v20180830)
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.investmentwatchblog.com
cache-control: private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/json;charset=utf-8

GET
H2 200 300x250.js Show response
ads.investingchannel.com/adtags/investmentwatchblog/economics/ 676 KB
182 KB 180ms
180ms Script
text/javascript 34.203.143.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/300x250.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.143.197 Brooklyn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-143-197.compute-1.amazonaws.com
Software: nginx/1.9.9 + Phusion Passenger 5.0.23 / Phusion Passenger Enterprise 5.0.23
Resource Hash: 7b77e3ada963c7cabf2c7fcd33753be6bd71103785324ca5813fbadb5d021b6c

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.028869
date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
etag: "W/91ad3e738201eb68db6a56bcfb742186"
server: nginx/1.9.9 + Phusion Passenger 5.0.23
x-powered-by: Phusion Passenger Enterprise 5.0.23
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200 OK
cache-control: max-age=3300, private, must_revalidate=true
x-request-id: 42532c6ee2efd249800f3d52a7d6dd96
content-type: text/javascript; charset=utf-8
x-rack-cache: miss
x-ua-compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK 2914 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 319 B
766 B 185ms
65ms Script
application/octet-stream 184.30.25.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/2914?t=2021123212
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 994ddd57eb0f4ddbe9cf0411bb6ab0090b8fba4cf6392135722024ba6df61f59

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: n9DMwsH2aZ8iiE0yV1H.IwdVuRmBkx4o
Last-Modified: Tue, 23 Feb 2021 19:45:59 GMT
Server: AmazonS3
x-amz-request-id: 3F829B8211118FC1
ETag: "a6a661f41d4cda700634e2d6e9403de7"
Content-Type: application/octet-stream
Date: Tue, 23 Feb 2021 20:10:15 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 319
x-amz-id-2: iG6uL0G34bN8+jQuNI4kE5ZUI2XjoRW4eBQ100fQHwAtie6RBKm5TQOg/Z7Ocd+VRW/X0uoPeMk=

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/investmentwatchblog.js?1614111000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcf63dae282a7b1843dd363d8bf012cd9f4801dae83fe8cca067cfd4707157b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "793 / 787 of 1000 / last-modified: 1614082486"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19482
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:10:15 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
368 B 250ms
249ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=8.331967160219866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 22980E91FEB310CA
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: O6cH1f6PwPE4X0ZmUyZtr/Lxqbg60reQIiewB+ZfBxNdmTDHIa0++6N5DD4h+eCT8+uFu2nLkWg=
expires: Fri, 18 Feb 2022 20:10:15 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
369 B 257ms
256ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=8.331967160219866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: E0E7ADD7B115535A
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: DXxi+VcGGb7oNwlwP947Ysyku/vGnJ5XRcKm5lQXQ0ONvaGwCqN3HoSIc+HwqQS5SAyXnMNLHCQ=
expires: Fri, 18 Feb 2022 20:10:15 GMT

GET
H2 200 pubads_impl_2021022201.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 206ms
83ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022201.js?31060231

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

c979556e6d59f675264f916e5fe174676eabca2942f2fda0d758d0c3cf46849f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 09:37:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104000
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:10:15 GMT

GET
H2 200 logo81.jpg
www.investmentwatchblog.com/wp-content/uploads/2018/05/ 5 KB
5 KB 15ms
15ms Image
image/webp 2606:4700:20::ac43:4a4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.investmentwatchblog.com/wp-content/uploads/2018/05/logo81.jpg
Requested by: Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ca1216a67102816cf58e31d36133fe1b936e472e8c56a5fcad88ba1c9d2b0b35

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3375
x-powered-by: PleskLin
content-disposition: inline; filename="logo81.webp"
content-length: 5002
cf-request-id: 08721c9b7600002b4116a2e000000001
last-modified: Sun, 20 May 2018 20:05:39 GMT
server: cloudflare
etag: "5b01d513-3f22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g%2BhmR4QeZDLX93dtLDsDnjPSNRk7mlqW3HeBBACiEKH%2FOTkGNUv3sttzw1IpwexXs1tSSaoAOhcjDiyV%2BnloscNdNb%2BCtvS4hI7wjaVpYL8n03rODsSCYuGYWvhT%2B3KQgxAu%2F1lUV1U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
cache-control: max-age=1382400
cf-polished: origFmt=jpeg, origSize=16162
accept-ranges: bytes
cf-ray: 626396d8bf372b41-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 widget-videos.js Show response
whatfinger-videos.b-cdn.net/widgets/server/ 1 KB
1 KB 63ms
49ms XHR
application/json 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://whatfinger-videos.b-cdn.net/widgets/server/widget-videos.js?rows=3&cols=1&backgroundColor=rgb(240%2C%20240%2C%20240)&textColor=rgb(0%2C%200%2C%200)&borderColor=%23DDD&displayContent=0&contentSort=0&contentType=0&showTitle=1&showThumb=1&widgetID=wWidget_682d4d68eb&layout=basic&test=tesst1&referer=https://www.investmentwatchblog.com/

Requested by

Host: whatfinger-videos.b-cdn.net
URL: https://whatfinger-videos.b-cdn.net/widgets/new-wfw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

BunnyCDN-DE1-481 /

Resource Hash

d3a0278ffa6092d6005dc82b2cdf8a737b56c5a76dd5cbef3cbcf4a2d93399ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cdn-edgestorageid: 481
access-control-allow-origin: *
p3p: CP="CAO PSA OUR"
x-sucuri-cache: MISS
cdn-cachedat: 2021-02-16 15:22:56
cdn-pullzone: 197355
x-xss-protection: 1; mode=block
access-control-allow-headers: Origin,Content-Type
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
cdn-cache: HIT
cdn-uid: 09510555-c90d-4761-bbc4-cfc60cb0182b
cache-control: public, max-age=3600
x-sucuri-id: 15019
cdn-requestid: f71d4309de42ba3ddae3b7ba3ee57a44
cdn-requestcountrycode: DE
link: <https://choiceclips.whatfinger.com/widgets/server/widget-videos.js?rows=3&cols=1&backgroundColor=rgb(240%2C%20240%2C%20240)&textColor=rgb(0%2C%200%2C%200)&borderColor=%23DDD&displayContent=0&contentSort=0&contentType=0&showTitle=1&showThumb=1&widgetID=wWidget_682d4d68eb&layout=basic&test=tesst1&referer=https://www.investmentwatchblog.com/>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 index-1603034977.html Show response
a.mailmunch.co/forms-cache/514656/870867/ 111 KB
39 KB 8ms
8ms XHR
text/html 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/514656/870867/index-1603034977.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0603b2defc240668b5f489c35c80ffcedaddf2529a7c8a5d3fb298b268c5bdb

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 13:46:29 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1491827
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sun, 18 Oct 2020 15:29:46 GMT
server: AmazonS3
etag: W/"d3ca764ef5663002588a4e2756132340"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: -pt9b8_MxPPU_tENzBcnWy0-BhTNzBweiNHdL4g9_aWu349CMC-XmQ==

GET
H2 200 1f61c.svg
s.w.org/images/core/emoji/11/svg/ 990 B
743 B 214ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/11/svg/1f61c.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

006ed29a949e1e028dd64da98abf6de4953166a7c2aafa1c74e60e985cd9d658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jun 2018 13:09:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f447.svg
s.w.org/images/core/emoji/11/svg/ 558 B
407 B 214ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/11/svg/1f447.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jun 2018 13:09:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f1fa-1f1f8.svg
s.w.org/images/core/emoji/11/svg/ 2 KB
759 B 213ms
69ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/11/svg/1f1fa-1f1f8.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Tue, 23 Feb 2021 20:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jun 2018 13:09:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.css
a.mailmunch.co/v2/themes/mailmunch/simple/scrollbox/ Frame 1D8F 8 KB
4 KB 6ms
6ms Stylesheet
text/css 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/scrollbox/index.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d6973fc9396cb6d7bfe26d106507e296f216e09a5e3f0cdbe761dc85fe2b344

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 16:56:49 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 11608
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 12:44:08 GMT
server: AmazonS3
etag: W/"7e3e8f82cfd5ffda5140498a86479551"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: drJvZc6PLgD70bDhx76W6isDvlY-DDIgW-BSOUQRyhALxFugtBKtiA==

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 1D8F 4 KB
711 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,400

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/scrollbox/index.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.mailmunch.co/v2/themes/mailmunch/simple/scrollbox/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 19:54:42 GMT
server: ESF
date: Tue, 23 Feb 2021 20:10:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 20:10:15 GMT

GET
DATA 200
OK truncated
/ Frame 1D8F 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 1D8F 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 23:19:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 247856
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sun, 20 Feb 2022 23:19:19 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 1D8F 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:700,400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 433729
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
584 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: www.investmentwatchblog.com
URL: https://www.investmentwatchblog.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e5637ea03cdf817f62591f545db7036cfef91733b0492df8765748e030b6720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 19:16:40 GMT
server: ESF
date: Tue, 23 Feb 2021 20:10:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 20:10:15 GMT

GET
H2 200 my-solution-liberals-wont-mind-r-600x400.jpg
whatfinger-videos.b-cdn.net/wp-content/uploads/2021/02/ 58 KB
59 KB 11ms
10ms Image
image/jpeg 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whatfinger-videos.b-cdn.net/wp-content/uploads/2021/02/my-solution-liberals-wont-mind-r-600x400.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

BunnyCDN-DE1-481 /

Resource Hash

836ca5b6844573a26120a4e331623b0f409583d74d544823ca070ceea8c061c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 481
access-control-allow-origin: *
x-sucuri-cache: MISS
cdn-cachedat: 2021-02-22 17:38:21
cdn-pullzone: 197355
content-length: 59731
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Feb 2021 14:14:59 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 09510555-c90d-4761-bbc4-cfc60cb0182b
cache-control: public, max-age=3600
x-sucuri-id: 15019
cdn-requestid: b4c1d36f0d6371313c2e67a904a40535
cdn-requestcountrycode: DE
accept-ranges: bytes
link: <https://choiceclips.whatfinger.com/wp-content/uploads/2021/02/my-solution-liberals-wont-mind-r-600x400.jpg>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 ingraham-the-gops-great-reset-600x400.jpg
whatfinger-videos.b-cdn.net/wp-content/uploads/2021/02/ 30 KB
30 KB 11ms
10ms Image
image/jpeg 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whatfinger-videos.b-cdn.net/wp-content/uploads/2021/02/ingraham-the-gops-great-reset-600x400.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

BunnyCDN-DE1-481 /

Resource Hash

6bafafc5e7cd4fd55e59176ec9e62bd3bbefef15762b02804d781f74609e4dd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 481
access-control-allow-origin: *
x-sucuri-cache: MISS
cdn-cachedat: 2021-02-20 16:38:59
cdn-pullzone: 197355
content-length: 30553
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Feb 2021 14:08:47 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 09510555-c90d-4761-bbc4-cfc60cb0182b
cache-control: public, max-age=3600
x-sucuri-id: 15019
cdn-requestid: d3a5cb4d8b7cf5b6bf91fb8d67ba4627
cdn-requestcountrycode: DE
accept-ranges: bytes
link: <https://choiceclips.whatfinger.com/wp-content/uploads/2021/02/ingraham-the-gops-great-reset-600x400.jpg>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 green-energy-fails-america-heres.jpg
whatfinger-videos.b-cdn.net/wp-content/uploads/2021/02/ 23 KB
23 KB 19ms
19ms Image
image/jpeg 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://whatfinger-videos.b-cdn.net/wp-content/uploads/2021/02/green-energy-fails-america-heres.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),

Reverse DNS

Software

BunnyCDN-DE1-481 /

Resource Hash

b2b4186b796ef0d7650a01500f1f3bd6cbf188901d3f76e2df5fdb7df40ced00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:15 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 481
access-control-allow-origin: *
x-sucuri-cache: MISS
cdn-cachedat: 2021-02-20 16:38:59
cdn-pullzone: 197355
content-length: 23043
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Feb 2021 14:05:17 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 09510555-c90d-4761-bbc4-cfc60cb0182b
cache-control: public, max-age=3600
x-sucuri-id: 15019
cdn-requestid: 365b02754c16719d6b026be3be27709a
cdn-requestcountrycode: DE
accept-ranges: bytes
link: <https://choiceclips.whatfinger.com/wp-content/uploads/2021/02/green-energy-fails-america-heres.jpg>; rel="canonical"
cdn-requestpullsuccess: True

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 23:19:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 247856
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sun, 20 Feb 2022 23:19:19 GMT

GET
H2 200 start.html Show response
uat5.investingchannel.com/ Frame 5085 141 B
342 B 149ms
147ms Document
text/html 34.197.78.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/start.html
Requested by: Host: ads.investingchannel.com
URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.78.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-78-225.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: dcd8844690dea3a3efc12bbe3cd70ccccf303e011d309b955ec8af4c831e5e1d

Request headers

:method: GET
:authority: uat5.investingchannel.com
:scheme: https
:path: /start.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.investmentwatchblog.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.investmentwatchblog.com/

Response headers

date: Tue, 23 Feb 2021 20:10:16 GMT
content-type: text/html
content-length: 141
last-modified: Tue, 23 Feb 2021 13:29:09 GMT
accept-ranges: bytes
etag: "0e7fb45d71f6309302efe48b17ede1768"
vary: Accept-Encoding, User-Agent
server: Jetty(9.4.12.v20180830)

GET
H2 200 predictive.js Show response
dggaenaawxe8z.cloudfront.net/predictive/ 895 KB
222 KB 291ms
122ms Script
text/javascript 65.9.67.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js
Requested by: Host: ads.investingchannel.com
URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c62ba31d908a6c8feb2342a0f658e1afd2a4df88208733e8871f893da290aec6

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 19:01:30 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 16:04:25 GMT
server: AmazonS3
age: 4131
etag: "8d1a0b47ca29820b511f9044ab9828a6"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 226731
x-amz-cf-id: VvztEY9lCkadG77YI4sHTIUumMKTw4waFxWouv6IUxPRBDkbvOPdxQ==

GET
H2 200 investmentwatchblog.js Show response
dggaenaawxe8z.cloudfront.net/cmp_v2/admiral/ 2 KB
1 KB 403ms
236ms Script
application/javascript 65.9.67.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/cmp_v2/admiral/investmentwatchblog.js
Requested by: Host: ads.investingchannel.com
URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa16a8b01862eddd7eeccb04c7b9487ec2417b7f43cb3a95f46e71ef2e4a902d

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 18:41:44 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 04:19:51 GMT
server: AmazonS3
age: 5313
etag: W/"80b850cda6c940aa79faddf4f4924b9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Bd0gLKSiLx8wCgzt4dCOT0RI98NdY4EBXPsjT9h-cad-RQmGSzCoHw==

POST
H2 200 adreq Show response
ads.servenobid.com/ 98 B
382 B 275ms
84ms XHR
application/json 54.76.211.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10443
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/investmentwatchblog.js?1614111000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.211.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b0eca686b6dc8c27f57ed1b6f196ab7996dc1d937f2fb61f0134a353d821b9f5

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Feb 2021 20:10:16 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.investmentwatchblog.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
723 B 236ms
81ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/investmentwatchblog.js?1614111000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Feb 2021 20:10:16 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.147:80
AN-X-Request-Uuid: c1d377ed-ea16-4df5-ba47-d62ff5928a18
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.investmentwatchblog.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 complete.html Show response
uat5.investingchannel.com/ Frame 5085 300 B
501 B 155ms
154ms Document
text/html 34.197.78.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/complete.html
Requested by: Host: uat5.investingchannel.com
URL: https://uat5.investingchannel.com/start.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.78.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-78-225.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: 1684cb0361909c64a43324d14eb77d57d541390a0511a251ba908af98024cd96

Request headers

:method: GET
:authority: uat5.investingchannel.com
:scheme: https
:path: /complete.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://uat5.investingchannel.com/start.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://uat5.investingchannel.com/start.html

Response headers

date: Tue, 23 Feb 2021 20:10:16 GMT
content-type: text/html
content-length: 300
last-modified: Tue, 23 Feb 2021 13:29:09 GMT
accept-ranges: bytes
etag: "027d069ae9d45f487e0fbaf58151344e5"
vary: Accept-Encoding, User-Agent
server: Jetty(9.4.12.v20180830)

GET
H/1.1 200
OK /
analytics.mailmunch.co/event/ 35 B
344 B 445ms
146ms Image
image/gif 54.84.220.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.mailmunch.co/event/?site_id=514656&widget_id=870867&event_name=views&cache=1614111016310&referrer=https%3A%2F%2Fwww.investmentwatchblog.com%2F&visitor_id=c9884b58-6393-4a33-81af-4953d8bdebc8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.220.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-220-80.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 20:10:16 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8 Show response
lovelydrum.com/ 539 KB
104 KB 434ms
278ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Requested by

Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/cmp_v2/admiral/investmentwatchblog.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0491b3121aa5c75913e563edbade5cbcd2900c4921818cba5d001fe044ebc999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "81a763918b056db3d3ec4a7bb7efe0be73828b38bc090d4dc58d51085046ef0f"
vary: Accept-Encoding, Accept-Language
x-hostname: 9b6d8613
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 23 Feb 2021 20:10:16 GMT
timing-allow-origin: *

GET
H2 200 model.json Show response
dggaenaawxe8z.cloudfront.net/predictive/model/97d4d1d-b83b-45e3-8f2e-11f972de5c44/ 3 KB
1 KB 163ms
53ms Fetch
application/json 65.9.67.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/predictive/model/97d4d1d-b83b-45e3-8f2e-11f972de5c44/model.json
Requested by: Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1db9a2cce2089e37b94713f00181bd7e79fc72b3f5dc67c28a83a462648ec489

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 19:41:23 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1734
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 12 Feb 2020 16:04:23 GMT
server: AmazonS3
etag: W/"67018b3d9d6544061d37b34e20f8dd70"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/json
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: j7wwz4JuYfqzZYK9Xu4y9Ph8rDbKjfcogOecVp4SPnDjnTg1STI9ag==

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
692 B 62ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=545786490551028&vrg=2021022201&nw_id=8691100&nslots=1&eid=21068891%2C21069725%2C21069823%2C21069919%2C31060170%2C31060231%2C21064371%2C31060218%2C44733567&pub_url=https%3A%2F%2Fwww.investmentwatchblog.com%2F&start_time=1614111016521&end_time=1614111016522&num_slots_filtered=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 / Show response
uat5.investingchannel.com/log/page/ 0
302 B 120ms
120ms XHR
text/plain 34.197.78.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/page/?gdprapplicable=true&uspstatus=INPROGRESS
Requested by: Host: ads.investingchannel.com
URL: https://ads.investingchannel.com/adtags/investmentwatchblog/economics/970x250,970x90,728x90.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.78.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-78-225.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.investmentwatchblog.com
date: Tue, 23 Feb 2021 20:10:16 GMT
access-control-allow-credentials: true
server: Jetty(9.4.12.v20180830)
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

OPTIONS
H2 200 /
uat5.investingchannel.com/log/page/ Frame 0
0 351ms
109ms Other 34.197.78.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://uat5.investingchannel.com/log/page/?gdprapplicable=true&uspstatus=INPROGRESS
Protocol: H2
Server: 34.197.78.225 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-78-225.compute-1.amazonaws.com
Software: Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.investmentwatchblog.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Feb 2021 20:10:16 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
access-control-allow-origin: https://www.investmentwatchblog.com
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server: Jetty(9.4.12.v20180830)

GET
H2 200 group1-shard1of1.bin Show response
dggaenaawxe8z.cloudfront.net/predictive/model/97d4d1d-b83b-45e3-8f2e-11f972de5c44/ 8 KB
8 KB 49ms
49ms Fetch
application/octet-stream 65.9.67.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dggaenaawxe8z.cloudfront.net/predictive/model/97d4d1d-b83b-45e3-8f2e-11f972de5c44/group1-shard1of1.bin
Requested by: Host: dggaenaawxe8z.cloudfront.net
URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e89af5241fa8a39c717849a00a352c742d94035ae097f7b714ca31e826d4966

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 19:41:24 GMT
via: 1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1733
x-cache: Hit from cloudfront
content-length: 8004
last-modified: Wed, 12 Feb 2020 16:04:23 GMT
server: AmazonS3
etag: "97ecd386b3c6a31ac379e33476159af1"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=7200, stale-while-revalidate=300
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: p5IQvpOrbEnbH0fvZJ3p7rvkrakosNx02EKDwoei7BT2VGJ68CDlWA==

GET
H2 200 Bhftu Show response
ad.doubleclick.net/ddm/adj/Bprp/ 11 B
645 B 158ms
55ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bprp/Bhftu

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 3060 3 KB
2 KB 29ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.investmentwatchblog.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.investmentwatchblog.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Tue, 23 Feb 2021 07:08:37 GMT
expires: Wed, 23 Feb 2022 07:08:37 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 46900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 v2far_8TlgMtHuoeeP-d34nMwL7S9TDFGsf0iOttnykdw4n5OATlfo8gVjT1xfmNjIE7MwTZd Show response
lovelydrum.com/ 216 B
622 B 191ms
77ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2far_8TlgMtHuoeeP-d34nMwL7S9TDFGsf0iOttnykdw4n5OATlfo8gVjT1xfmNjIE7MwTZd

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

72c0942bde467661251d02a0e8b3d935e3b99a73bdc2467cee2d6505a63749a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 23 Feb 2021 20:10:17 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.investmentwatchblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 23 Feb 2021 20:10:16 GMT

POST
H2 200 v2mnky4tiMzy-z6ti2AuLFMap-y4DtZNa4Y-VQCm1w638asmD3Mu0anG2f7-FkCDeoZcWkzg5 Show response
lovelydrum.com/ 355 B
390 B 101ms
101ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2mnky4tiMzy-z6ti2AuLFMap-y4DtZNa4Y-VQCm1w638asmD3Mu0anG2f7-FkCDeoZcWkzg5

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d0082fec646f28df426fd728649f7865c08272bda831760ba30e1d8c06b65791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 23 Feb 2021 20:10:17 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.investmentwatchblog.com
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 355

GET
H2 200 ConsentManager Show response
haltinggold.com/v2bzmD-Z9Iy3SI2ihZZyY1_I9Nzq-f3i4qpjdhezBzflTcmaUyhnJqyBTq62aCeVZN8Gt4_An/ 246 KB
73 KB 269ms
129ms Script
text/javascript 35.190.74.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://haltinggold.com/v2bzmD-Z9Iy3SI2ihZZyY1_I9Nzq-f3i4qpjdhezBzflTcmaUyhnJqyBTq62aCeVZN8Gt4_An/ConsentManager

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.222 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c1213ea319a6f4c009be1d93d05e1e88a49d42cd51a6f9b0d4ae192b82da1414

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "e992ae90b5d600337dd5ce4217d28872fcb1352bdf3edfadefc4dd8cc558a960"
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.investmentwatchblog.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Tue, 23 Feb 2021 20:10:18 GMT

GET
H3-Q050 200 css2
fonts.googleapis.com/ 7 KB
726 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: haltinggold.com
URL: https://haltinggold.com/v2bzmD-Z9Iy3SI2ihZZyY1_I9Nzq-f3i4qpjdhezBzflTcmaUyhnJqyBTq62aCeVZN8Gt4_An/ConsentManager

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6353116fbc50156e43739cfdf88ff6bc78a730f00d60dc2439d51061769bc44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 20:10:18 GMT
server: ESF
date: Tue, 23 Feb 2021 20:10:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 20:10:18 GMT

GET
H3-Q050 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v3/ 36 KB
36 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f1c14c5b866e78f8a733e4b6dc07939ced609e89fee2bf4e5261cd6b5ecb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 17:19:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:47:12 GMT
server: sffe
age: 10270
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36936
x-xss-protection: 0
expires: Wed, 23 Feb 2022 17:19:08 GMT

GET
H3-Q050 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v3/ 36 KB
36 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f1c14c5b866e78f8a733e4b6dc07939ced609e89fee2bf4e5261cd6b5ecb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.investmentwatchblog.com
Referer: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 17:19:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:47:12 GMT
server: sffe
age: 10270
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36936
x-xss-protection: 0
expires: Wed, 23 Feb 2022 17:19:08 GMT

POST
H2 200 v2far_8TlgMtHuoeeP-d34nMwL7S9TDFGsf0iOttnykdw4n5OATlfo8gVjT1xfmNjIE7MwTZd Show response
lovelydrum.com/ 272 B
354 B 99ms
99ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2far_8TlgMtHuoeeP-d34nMwL7S9TDFGsf0iOttnykdw4n5OATlfo8gVjT1xfmNjIE7MwTZd

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/v2jspNaHmkCtTVSAEzSSLlA9YXZBpF-KneZvtVnQ2xb3Ln_PRWCTDY3Y8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0812fe803c08105d9b36d96f6724e779a32906d74e4e0913c5debc0cdfc729f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 23 Feb 2021 20:10:18 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.investmentwatchblog.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 272
expires: Tue, 23 Feb 2021 20:10:17 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F4C3 52 KB
17 KB 129ms
52ms Document
text/html 184.30.24.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/investmentwatchblog.js?1614111000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.investmentwatchblog.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.investmentwatchblog.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 24 Feb 2021 20:10:21 GMT
Date: Tue, 23 Feb 2021 20:10:19 GMT
Connection: keep-alive

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame A8F9 5 KB
2 KB 32ms
10ms Document
text/html 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/investmentwatchblog.js?1614111000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.investmentwatchblog.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.investmentwatchblog.com/

Response headers

cache-control: max-age=86400
content-type: text/html
content-encoding: br
last-modified: Thu, 11 Feb 2021 00:16:53 GMT
accept-ranges: bytes
etag: "174fe5e69b1c2039a37a15a7de1d23c5"
server: AmazonS3
x-cache: TCP_HIT
x-amz-id-2: JNY/q6uHt58hNGxsKU7T7BRJPAWAveX1ScADN9DZhI3/FFzTWs4R45vn1sjGQQ6KqLN24xBkrLY=
x-amz-request-id: 89BC4F654BF48B7A
x-azure-ref-originshield: 0VnM0YAAAAABcTn5HtYuYQ5R0v22/sQCPTE9OMjFFREdFMDExMwA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref: 0K2E1YAAAAABV90kz0XJmR78Cr0jvPqvIRlJBRURHRTEwMDkAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date: Tue, 23 Feb 2021 20:10:19 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame ED05 3 KB
1 KB 194ms
68ms Document
text/html 52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 26f8d1904bb51602fd4486aa94441729aa501a0d52e6a79d2e1b4bef485ace11

Request headers

:method: GET
:authority: g2.gumgum.com
:scheme: https
:path: /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd; Domain=.gumgum.com; Expires=Wed, 23-Feb-2022 20:10:19 GMT; Path=/; Secure; SameSite=None
etag: W/"0064c33ea5863d656ee50fa927a2a3f4a"
timing-allow-origin: *
content-encoding: gzip

GET
H2 204 ps
pixel.33across.com/ Frame C68C 0
0 367ms
118ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D4271%26uid%3D33XUSERID33X
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: pixel.33across.com
:scheme: https
:path: /ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26cd%3D4271%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

x-33x-status: 2000208
server: 33XP003
date: Tue, 23 Feb 2021 20:10:18 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A2F0 2 KB
818 B 135ms
49ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D9926%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26cd%3D9926%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://public.servenobid.com/sync.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://public.servenobid.com/sync.html

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2

200

sync
ads.servenobid.com/ Frame A8F9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26cbimg%3D4862%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526cbimg%253D4862%2526uid%253D%2524UID
https://ads.servenobid.com/sync?pid=312&cbimg=4862&uid=6695969640990510464

0
286 B

60ms
59ms

Image
image/avif

54.76.211.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&cbimg=4862&uid=6695969640990510464
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.211.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Feb 2021 20:10:19 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma: no-cache
Date: Tue, 23 Feb 2021 20:10:19 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid: 718b1341-f994-43df-9cfc-d6164c295ecd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&cbimg=4862&uid=6695969640990510464
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame A8F9
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5668%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26cbimg%3D5668%26uid%3D%24UID&sovrn_retry=true
https://ads.servenobid.com/sync?pid=310&cbimg=5668&uid=98f823bed68e9356d9785158

0
290 B

67ms
66ms

Image
image/avif

54.76.211.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&cbimg=5668&uid=98f823bed68e9356d9785158
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.211.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/sync.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Feb 2021 20:10:19 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date: Tue, 23 Feb 2021 20:10:19 GMT
Server: nginx
Location: https://ads.servenobid.com/sync?pid=310&cbimg=5668&uid=98f823bed68e9356d9785158
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=6695969640990510464

35 B
237 B

61ms
61ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=6695969640990510464
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 Feb 2021 20:10:19 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 692.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.51:80
AN-X-Request-Uuid: 99b76d94-7eec-40b7-bdca-819b09a76ce6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=6695969640990510464
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://x.bidswitch.net/sync?dsp_id=59&user_id=9b01d1bc-059c-4663-b917-4995cb113976&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=b008a318-cad0-4188-be09-062c89db1826

35 B
237 B

1067ms
1066ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=b008a318-cad0-4188-be09-062c89db1826
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:21 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=b008a318-cad0-4188-be09-062c89db1826
date: Tue, 23 Feb 2021 20:10:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

syncPartner
sync.outbrain.com/ Frame ED05
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Mzd_8Y1ks7UYhu82jRVGGfhtlRAMJAhNq2GzKWsMeKdu9QCo8rrtI7fm8Pla8Hqp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&obuid=ENC(Mzd_8Y1ks7UYhu82jRVGGfhtlRAMJAhNq2GzKWsMeKdu9QCo8rrtI7fm8Pla8Hqp)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51

0
145 B

118ms
118ms

Image
text/plain

64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 20:10:20 GMT
Cache-Control: no-cache
X-TraceId: c2e1c5e231f682797335edfee224efde
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date: Tue, 23 Feb 2021 20:10:20 GMT
X-TraceId: 46703dc7993745164799c08f2cb24d60
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=9a25d2c4-0b34-4a3b-8a30-7efaea58e695

35 B
237 B

76ms
76ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=9a25d2c4-0b34-4a3b-8a30-7efaea58e695
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 23 Feb 2021 20:10:19 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=9a25d2c4-0b34-4a3b-8a30-7efaea58e695
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-8a5f3546-0a41-4870-5465-517b67471ef9$ip$82.102.20.235

35 B
237 B

71ms
70ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-8a5f3546-0a41-4870-5465-517b67471ef9$ip$82.102.20.235
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-8a5f3546-0a41-4870-5465-517b67471ef9$ip$82.102.20.235
Date: Tue, 23 Feb 2021 20:10:20 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-4TVJUfl1lxCRKd17WB48qj0rYe14GBsQVP0m

35 B
237 B

61ms
59ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-4TVJUfl1lxCRKd17WB48qj0rYe14GBsQVP0m
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Tue, 23 Feb 2021 20:10:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-4TVJUfl1lxCRKd17WB48qj0rYe14GBsQVP0m
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
https://rtb.gumgum.com/usersync?b=vnt&i=275f38ea-7613-11eb-973a-65cebf90c77c

35 B
237 B

1069ms
1069ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=275f38ea-7613-11eb-973a-65cebf90c77c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:21 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=275f38ea-7613-11eb-973a-65cebf90c77c
Date: Tue, 23 Feb 2021 20:10:19 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 275f38eb-7613-11eb-973a-65cebf90c77c

GET
H2 204 services
sync.technoratimedia.com/ Frame ED05 0
382 B 387ms
132ms Image
text/plain 150.136.25.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:10:20 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 575093885
access-control-allow-origin: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
access-control-allow-credentials: true

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd&gdpr=0&gdpr_consent=&us_privacy=1---
https://stags.bluekai.com/site/23178?id=2i6RvLEvdsgxQitvsUc4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MTJGZJHMTCFOZSHGZ3YKFUXI5TTKVRTIJTVONPXA...
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=2i6RvLEvdsgxQitvsUc4&us_privacy=1---

35 B
237 B

69ms
69ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=2i6RvLEvdsgxQitvsUc4&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 Feb 2021 20:10:20 GMT
P3p: CP="We do not support P3P header."
Location: https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=2i6RvLEvdsgxQitvsUc4&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 118
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT

35 B
237 B

70ms
70ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 23 Feb 2021 20:10:19 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame ED05
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=DkI2yjFmgns3&ev=1&pid=558355

35 B
237 B

70ms
70ms

Image
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=DkI2yjFmgns3&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=DkI2yjFmgns3&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-hx2l9
expires: -1

GET
H2 200 sync
ads.servenobid.com/ Frame ED05 0
299 B 60ms
59ms Image
image/avif 54.76.211.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&cd=7752&uid=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.211.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-211-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Feb 2021 20:10:19 GMT
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame ECB7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=41d06035-612b-4a00-bb83-22b47afde833&gdpr=0&gdpr_consent=

35 B
237 B

62ms
62ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=41d06035-612b-4a00-bb83-22b47afde833&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=41d06035-612b-4a00-bb83-22b47afde833&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Tue, 23 Feb 2021 20:10:19 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Cache-Control: no-cache
set-cookie: uuid=41d06035-612b-4a00-bb83-22b47afde833; domain=.mathtag.com; path=/; expires=Wed, 23-Mar-2022 20:10:19 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=41d06035-612b-4a00-bb83-22b47afde833&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 3518 2f03077 master zrh-pixel-x27
Expires: Tue, 23 Feb 2021 20:10:18 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame FE6C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr
https://rtb.gumgum.com/usersync?b=atm&i=YDVhLAAAAFoA3Szr&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr

35 B
237 B

74ms
74ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YDVhLAAAAFoA3Szr&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YDVhLAAAAFoA3Szr&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YDVhLAAAAFoA3Szr&gdpr=0&gdpr_consent=&_test=YDVhLAAAAFoA3Szr
accept-ranges: bytes
date: Tue, 23 Feb 2021 20:10:20 GMT
via: 1.1 varnish
x-served-by: cache-hhn4053-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1614111020.263093,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 6128 170 B
752 B 172ms
59ms Document
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xYzRiMDA1OS1hNDAzLTRiNDctYjM2ZC0yZjNjZDNiZmMwY2Q=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8xYzRiMDA1OS1hNDAzLTRiNDctYjM2ZC0yZjNjZDNiZmMwY2Q=&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

content-type: image/png
date: Tue, 23 Feb 2021 20:10:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0CAB 8 KB
3 KB 131ms
39ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=78114
Expires: Wed, 24 Feb 2021 17:52:13 GMT
Date: Tue, 23 Feb 2021 20:10:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 30DE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=1856d38b-c25e-400a-8597-35bfcc76ea02&t=1616703019

35 B
237 B

79ms
79ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=1856d38b-c25e-400a-8597-35bfcc76ea02&t=1616703019
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=1856d38b-c25e-400a-8597-35bfcc76ea02&t=1616703019
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=1856d38b-c25e-400a-8597-35bfcc76ea02&t=1616703019
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=1856d38b-c25e-400a-8597-35bfcc76ea02; domain=.adsrvr.org; expires=Wed, 23-Feb-2022 20:10:19 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiE5IfouJCsORAFOAE.; domain=.adsrvr.org; expires=Wed, 23-Feb-2022 20:10:19 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame CF8D
Redirect Chain

https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
https://cs.emxdgt.com/umcheck?apnxid=6695969640990510464&redirect=https://rtb.gumgum.com/usersync?b=emx&i=$EMXUID
https://rtb.gumgum.com/usersync?b=emx&uid=6695969640990510464brt153901614111019973679f1

35 B
237 B

72ms
72ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=emx&uid=6695969640990510464brt153901614111019973679f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=emx&uid=6695969640990510464brt153901614111019973679f1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

content-type: text/html
date: Tue, 23 Feb 2021 20:10:20 GMT
location: https://rtb.gumgum.com/usersync?b=emx&uid=6695969640990510464brt153901614111019973679f1
set-cookie: eapn_id=6695969640990510464; Max-Age=7776000; Expires=Mon, 24 May 2021 20:10:20 GMT; Domain=.emxdgt.com; Path=/; HttpOnly; SameSite=None; Secure
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame C07D
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YDVhLMCo5sMAAA04KBoAAAAA

35 B
237 B

67ms
66ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YDVhLMCo5sMAAA04KBoAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YDVhLMCo5sMAAA04KBoAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:20 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Tue, 23 Feb 2021 20:10:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YDVhLMCo5sMAAA04KBoAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 5
X-SO-HostName: m-ad313.dc4p.scaleout.jp
X-SO-LB-Hostname: a-tgng40005.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":57,"gdpr":true,"ipv4":"0.0.0.0","key":"YDVhLMCo5sMAAA04KBoAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad313"}
X-SO-Key: YDVhLMCo5sMAAA04KBoAAAAA
X-SO-IP: 82.102.20.235
X-SO-Cluster-ID: 57
X-SO-Upstream-ID: m-ad313

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 4684
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=1871597492722952392

35 B
237 B

71ms
70ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=1871597492722952392
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=1871597492722952392
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmhiaGhoYGhpaWQIALbPmtcQAAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 20 Mar 2022 20:10:19 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDI3MrI0NTK2NBLiM9TNDE8qKzAsMPAqCTQBAJILJy8lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzS1NDexNDI3MrI0NTK2NBLiM9TNDE8qKzAsMPAqCTSR4jU0MzQxNDQ0MLS0NDIEAOnuhV80AAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 20 Mar 2022 20:10:19 GMT; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=1871597492722952392
Content-Length: 0
Server: Jetty(9.0.6.v20130930)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 2140
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=OXNR9DSDh5jP8B0H0XVe&pi=gumgum&tc=1

35 B
237 B

68ms
68ms

Document
image/gif

52.31.141.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=OXNR9DSDh5jP8B0H0XVe&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-56.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=OXNR9DSDh5jP8B0H0XVe&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_1c4b0059-a403-4b47-b36d-2f3cd3bfc0cd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26cd%3D7752%26uid%3D

Response headers

date: Tue, 23 Feb 2021 20:10:19 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Tue, 23 Feb 2021 20:10:19 GMT Tue, 23 Feb 2021 20:10:19 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=OXNR9DSDh5jP8B0H0XVe&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A525 37 KB
14 KB 62ms
61ms Document
text/html 184.30.20.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-198.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=39565
Expires: Wed, 24 Feb 2021 07:09:44 GMT
Date: Tue, 23 Feb 2021 20:10:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A525 0
75 B 209ms
50ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=11983164&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/AdServer/js/showad.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 23 Feb 2021 20:10:20 GMT
Content-Length: 0

GET
H2 200 index-1612966669.html Show response
a.mailmunch.co/forms-cache/514656/698793/ 110 KB
39 KB 9ms
8ms XHR
text/html 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/514656/698793/index-1612966669.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ef6679bb7f11889936389faf91151b8d04e8a4b62eb5f824d116459219e3384

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 14:18:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1144318
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 14:17:59 GMT
server: AmazonS3
etag: W/"332fc3c1818aaaae7fafe9969c284f4e"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: GjjFzwwy_OEMJRJAnPJxPNplAXSzKBIJCf2Jld_6ppWVEBjGYUtBHQ==

GET
H2 200 index-1541527326.html Show response
a.mailmunch.co/forms-cache/514656/698729/ 110 KB
39 KB 8ms
7ms XHR
text/html 2600:9000:211e:7a00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/514656/698729/index-1541527326.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b376e678f586163e24c06cd194712c8601722a05b995f14c67db68362d337dfb

Request headers

Referer: https://www.investmentwatchblog.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 08:31:50 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1510716
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 03 Sep 2020 11:51:45 GMT
server: AmazonS3
etag: W/"df269821b46ffc5129956258b4c955ad"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 6f6de2de0e03603ac1b58353376153d3.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 1o-ZSbF7TNSxRXv0yTQ7yNICKQRne8Q-YAFArxbrwYmHyEThMMXCJA==

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.investmentwatchblog.com/	1970-01-23 07:57:51	Name: advanced_ads_page_impressions Value: 1
www.investmentwatchblog.com/	1970-01-19 17:05:03	Name: advanced_ads_browser_width Value: 1600
.investmentwatchblog.com/	1970-01-19 17:05:03	Name: __cfduid Value: d9aea563781c3d5bfa566d2e6500ab95b1614111013

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.investmentwatchblog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022201.js?31060231(Line 6) Message: [GPT] Cannot find targeting attribute "optimize_refreshed" for "publisher_ads".
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022201.js?31060231(Line 6) Message: [GPT] Cannot find targeting attribute "bsas2srefreshed" for "publisher_ads".
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022201.js?31060231(Line 6) Message: [GPT] Cannot find targeting attribute "optimize_refresh_int" for "/8691100/InvestmentWatchBlog_S2S_FixedFooter_ROS".
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022201.js?31060231(Line 6) Message: [GPT] Cannot find targeting attribute "optimize_inview" for "/8691100/InvestmentWatchBlog_S2S_FixedFooter_ROS".
console-api	log	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 41) Message: Initializing model = 97d4d1d-b83b-45e3-8f2e-11f972de5c44
console-api	warning	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 18) Message: Initialization of backend webgl failed
console-api	warning	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 18) Message: Error: WebGL is not supported on this device at new e (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:287866) at Object.factory (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:340939) at t.initializeBackend (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:38038) at t.initializeBackendsAndReturnBest (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:39477) at t.get [as backend] (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:36077) at t.makeTensor (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:43157) at Un (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:18:79546) at e.apply (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:34:15412) at e.addWeight (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:34:36228) at e.build (https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js:34:152793)
console-api	log	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 41) Message: Initializing model complete= 97d4d1d-b83b-45e3-8f2e-11f972de5c44 took = 252
console-api	log	URL: https://dggaenaawxe8z.cloudfront.net/predictive/predictive.js(Line 41) Message: ICPredictiveReadyCallback

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mailmunch.co
acdn.adnxs.com
ad.doubleclick.net
ads.avct.cloud
ads.investingchannel.com
ads.pubmatic.com
ads.servenobid.com
ajax.cloudflare.com
ajax.googleapis.com
ams.creativecdn.com
analytics.mailmunch.co
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
cdn-images.mailchimp.com
cdn4.buysellads.net
cm.g.doubleclick.net
creativecdn.com
cs.emxdgt.com
dggaenaawxe8z.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
g2.gumgum.com
haltinggold.com
ib.adnxs.com
image6.pubmatic.com
jadserve.postrelease.com
lovelydrum.com
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.33across.com
pr-bh.ybp.yahoo.com
public.servenobid.com
rtb.gumgum.com
s-jsonp.moatads.com
s.ntv.io
s.w.org
secure.adnxs.com
securepubads.g.doubleclick.net
stags.bluekai.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
uat5.investingchannel.com
us-u.openx.net
use.fontawesome.com
whatfinger-videos.b-cdn.net
www.dianomi.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.investmentwatchblog.com
x.bidswitch.net
z.moatads.com
104.18.22.230
142.250.185.162
142.250.185.198
150.136.25.38
151.101.114.49
172.217.23.98
18.195.155.181
184.30.20.198
184.30.21.162
184.30.24.185
184.30.25.161
185.184.8.30
185.29.132.68
185.64.189.115
192.0.77.48
193.0.160.128
198.148.27.140
202.241.208.53
213.19.147.150
23.111.9.35
23.210.250.13
23.79.152.128
2600:9000:211e:7a00:4:c961:9640:93a1
2606:4700:20::ac43:4a4a
2606:4700::6810:a823
2620:1ec:46::19
2a00:1288:110:c305::8000
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:f48:2000:1023::3
34.195.37.70
34.197.78.225
34.203.143.197
34.226.8.26
34.98.64.218
35.156.223.207
35.190.74.222
35.190.91.111
37.252.172.36
37.252.172.38
51.89.9.254
52.0.219.4
52.17.151.21
52.31.141.56
54.197.13.220
54.76.211.112
54.84.220.80
64.202.112.191
65.9.67.221
65.9.89.93
67.202.110.22
72.251.249.9
94.31.29.32
99.80.71.186
006ed29a949e1e028dd64da98abf6de4953166a7c2aafa1c74e60e985cd9d658
0476fe5917363f988a25df8d92df534a2814341655c47fd9c322f230e22316d3
0491b3121aa5c75913e563edbade5cbcd2900c4921818cba5d001fe044ebc999
0812fe803c08105d9b36d96f6724e779a32906d74e4e0913c5debc0cdfc729f4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e5637ea03cdf817f62591f545db7036cfef91733b0492df8765748e030b6720
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1146493ff21205cb51bd0675c4cc7bcb8d65f2375cb82d48f351f572b44c8dee
1684cb0361909c64a43324d14eb77d57d541390a0511a251ba908af98024cd96
1ba590ee46c5f9269e17ad1222c167fb85ed76fef34248d8a807d4c67f170791
1d6973fc9396cb6d7bfe26d106507e296f216e09a5e3f0cdbe761dc85fe2b344
1db9a2cce2089e37b94713f00181bd7e79fc72b3f5dc67c28a83a462648ec489
1e0e612af1b17240c1c0945e073f6593066cbdac0665a1d1676e61183dde8f3e
1e7a1b22f9ef3ab49a03089b308c59a15a47c03d8ff457ca3ae55fdb764a24a0
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1feca2279a6e78133bf577b99e4f3e82896622c255d29017cec5f5cfa93e4d16
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
26f8d1904bb51602fd4486aa94441729aa501a0d52e6a79d2e1b4bef485ace11
2beb932724510672949c6a553ffb444b12101cec749817ade90c38e64b66cf4f
2fda6d9431c98b7a20a2bab002d5090da8fbd38a903351f5d36f2ee9e769270d
3108ab216f48e2b92b7ca17233d2d4cbbf1136b35b08e06556df4e692cb7194d
323f0b2229d38b81a01d5f9d0353ef8c91ab4fd8f5086403d5a66305a702705f
34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade
35745e481d29541472a57dbdfa870d8dbd47d845924f08ec4090009b9fc495c4
36dc85fa3eead781c7395ca140857860d3f0987365d6913bcef6a72ebef5c0ea
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fd98bfcb6d997a89b00f9d0d03307b2f6289f04d58dfe6fa2c78369bdd72617
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
4505d8c682a796cf6bf1101374e0fedad0e1b29e6f7d19c0ba7e8e6bead61134
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48f097fa20655292e0e8fab980a1cbe86f212d8d2e522cddda6e5c1b79377b55
4cb7cf5ec60e45e143b99d699644edfd1eee2ce392f4c9c05ec68da7eb9323a9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e89af5241fa8a39c717849a00a352c742d94035ae097f7b714ca31e826d4966
531914b68c115a8a32d39538248f5c905e0bc44adaa23f06b0a9b00a91e15e9a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5841eb6d1895c740317d98a4cd9e5aeced865f5c50182647401afc3d303367e1
5b05f62826ac0cd3f71ff282791d22d8c57f8afadea9f3771a8fdc7712b8221c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
600b305f590e26b3e541ee144b681e02d18a21a8717aa242b1526fe49cbf7a13
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6353116fbc50156e43739cfdf88ff6bc78a730f00d60dc2439d51061769bc44e
6448e246b89c0b8b044354b947c103c6e5392b147dc9145059e21b0c29532de7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bafafc5e7cd4fd55e59176ec9e62bd3bbefef15762b02804d781f74609e4dd8
6c937330c3e1369e38405cc8fb2ce698787d2029773666fafcb36641e7e96830
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
71fd58c2bd32aa7d0053733d7b70a007edbaa5e446afd0afa3dea57cde220b26
72c0942bde467661251d02a0e8b3d935e3b99a73bdc2467cee2d6505a63749a1
754970eaac11fed3c9d4af1cd0c433507dc6886aa484c4530d17b3d6c73d1b1d
776e70a22f33932845cbb091c963a200d4726dbf863ed2768c49edf721a9dc06
7a4d6b014f162bb7942a749c0e9748442c878c12376a127b5fdd69efe2fadfaf
7b77e3ada963c7cabf2c7fcd33753be6bd71103785324ca5813fbadb5d021b6c
7c5ed260d60e4d9d8528446e01bf0b68448824a68f55099ff34ecd6f3926f305
8066e6a02d21daf5b20fa4828a764f20a44c2a76f5037e3ae70bef53648285bd
836ca5b6844573a26120a4e331623b0f409583d74d544823ca070ceea8c061c2
8a3d4babfc3b383e22367d8d85490d13d6897fabe0c638a95ba58265735930f6
8d78ab2b1f952707d4105e5459a8476debeaaaa453f38c54bbc4c8f61ed3404a
8e3ec228503e6f2c58b8ae75a4fa721143b8059c534cfc6eabcf9727d01cec64
972a6f0dcd21e5ba790542f6775899e5c2e019771309de7d11623dea442ffeae
994ddd57eb0f4ddbe9cf0411bb6ab0090b8fba4cf6392135722024ba6df61f59
9bd80d0cd9724399016838c2141ec1ad07492ff6eb7ed039c206bdd2fc2efd56
9c0ea64fd6dca16776cc9ce5de507292245310f7f4f8e59aabdaa2e5124a9fde
9c88bbf6795ced59fe226716a4b1221bdb548e874e2600e5eba42c35aac8e7fb
9cf70940d7d6c5844d4bfc98566852f08b580bafbc424f26310c31063a0bfced
9ef6679bb7f11889936389faf91151b8d04e8a4b62eb5f824d116459219e3384
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a39985f148a96933130712d6358006af0f9fa94bd9eab708357db07b74051cd6
a3dd164cb3f89e244d280ab9066876d16ae4dc0b6c5a9759f8ca801ddb9f976e
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aa16a8b01862eddd7eeccb04c7b9487ec2417b7f43cb3a95f46e71ef2e4a902d
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0eca686b6dc8c27f57ed1b6f196ab7996dc1d937f2fb61f0134a353d821b9f5
b2b4186b796ef0d7650a01500f1f3bd6cbf188901d3f76e2df5fdb7df40ced00
b376e678f586163e24c06cd194712c8601722a05b995f14c67db68362d337dfb
b4ab0c9d469f5fc9747b8f7433e38ebcc71a9bde85103b9ed30606d37bdbc112
b8f1c14c5b866e78f8a733e4b6dc07939ced609e89fee2bf4e5261cd6b5ecb23
ba00c79529243f195c70a6cdfa846c16d05554744d285e8e18a39d64e40ace9e
bc0ce23ecc3d318f2377595ab471c59af454bbb819fe94ae8d812ac9e609600b
c0603b2defc240668b5f489c35c80ffcedaddf2529a7c8a5d3fb298b268c5bdb
c078209e8ed7678935a3ed9e65aacda6cd62d7c585b484f30323d171482e255a
c07c910d95c18bc977c4f7af02eca414faabfed1fd63b9aa4657bf36f8222798
c1213ea319a6f4c009be1d93d05e1e88a49d42cd51a6f9b0d4ae192b82da1414
c39e0948dabf36f77f3ca79a23186e4b2d620c88e4b0a1ef7ee65b1218388685
c62ba31d908a6c8feb2342a0f658e1afd2a4df88208733e8871f893da290aec6
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
c979556e6d59f675264f916e5fe174676eabca2942f2fda0d758d0c3cf46849f
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
ca1216a67102816cf58e31d36133fe1b936e472e8c56a5fcad88ba1c9d2b0b35
cc139bb571ba15adcd2e6f37859679ce715e5de67720f0724595e5b8a6dfe9b5
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d0082fec646f28df426fd728649f7865c08272bda831760ba30e1d8c06b65791
d088dae79b2877b7ca816de6a62fe9ccd5178a409ad88106a75b5792ffdde93d
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d325c0f0224c5715012d6ec9f9272eae60b4636662496b65e7ca4e1490c2f90b
d3a0278ffa6092d6005dc82b2cdf8a737b56c5a76dd5cbef3cbcf4a2d93399ec
d3e1b87aa1cbf0245582eb35ac347ef9b037663b683ec62e4e22ee4c2208195d
d9b0525bae1be3348f09ca6c628c528e2f3b9ab1e2057decb88f673cf4a45a97
d9ce9fbb2e327378cbd641ee1b0fb5d87523c44a9a8f44ce0988b7a5174ed656
dcd8844690dea3a3efc12bbe3cd70ccccf303e011d309b955ec8af4c831e5e1d
e1bf0f793f957d7a8a82b636c8fd8bb9d828db1dc0b701c9e93b69f7ee760e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e92686f2eecf04d1fd1dafae1c2207d49979cd8780c94f3be47d6de420fe3121
ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39
ebcf63dae282a7b1843dd363d8bf012cd9f4801dae83fe8cca067cfd4707157b
efc2e21bf484f4a4aadfa0c9b8f9a7bb0d831ea32d3f2da21aa1d759d21adc58
f0154b0356163d49d8ce700d87dfa7310dc30b8099349b7156f87564678d02d9
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f71e15d7f174e73ec1faab8960cff7cd4c3d6bd29a0f808297093d58391f1a9e
f89eef512442e9d81f72de59a73e3934bd7b2bf767775008912ae71cbbe4c822
fcf0bdccae0b06065bc72d99ca48cad4da67f250a9fe21f433d86f476d94ffee

www.investmentwatchblog.com Open in urlscan Pro 2606:4700:20::ac43:4a4a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

157 Requests

100 %HTTPS

23 %IPv6

49 Domains

63 Subdomains

43 IPs

6 Countries

2845 kBTransfer

8327 kBSize

3 Cookies

7 Outgoing links

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.investmentwatchblog.com Open in urlscan Pro
2606:4700:20::ac43:4a4a Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

100 %
HTTPS

23 %
IPv6

49
Domains

63
Subdomains

43
IPs

6
Countries

2845 kB
Transfer

8327 kB
Size

3
Cookies

157 HTTP transactions
1 data transactions