urlscan.io logo urlscan.io
SecurityTrails logo

hematologistsxoc.com Open in urlscan Pro
157.245.73.198  Public Scan

Go To Rescan Add Verdict Report
URL: https://hematologistsxoc.com/
Submission: On December 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 12 countries across 131 domains to perform 607 HTTP transactions. The main IP is 157.245.73.198, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is hematologistsxoc.com.
TLS certificate: Issued by R3 on December 23rd 2023. Valid for: 3 months.
This is the only time hematologistsxoc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
99 157.245.73.198 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
3 151.101.3.42 54113 (FASTLY)
28 2600:9000:211... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
10 2600:9000:211... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2600:9000:24f... 16509 (AMAZON-02)
1 13.225.214.107 16509 (AMAZON-02)
3 108.138.107.138 16509 (AMAZON-02)
2 23.56.210.25 16625 (AKAMAI-AS)
2 108.138.128.46 16509 (AMAZON-02)
1 13.35.93.125 16509 (AMAZON-02)
1 18.173.132.67 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 129.80.52.16 31898 (ORACLE-BM...)
4 23.192.50.109 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.85.61.12 16509 (AMAZON-02)
7 52.91.215.149 14618 (AMAZON-AES)
5 7 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 14 34.231.251.31 14618 (AMAZON-AES)
5 34.225.234.246 14618 (AMAZON-AES)
17 2600:9000:210... 16509 (AMAZON-02)
2 54.165.58.209 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.238.49.125 16509 (AMAZON-02)
1 34.243.27.157 16509 (AMAZON-02)
3 5 2620:116:800b... 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
10 15 141.95.33.120 16276 (OVH)
1 34.230.189.193 14618 (AMAZON-AES)
2 3.237.175.195 14618 (AMAZON-AES)
1 2606:ae80:147... 25751 (VALUECLICK)
15 17 3.33.220.150 16509 (AMAZON-02)
18 26 142.250.80.98 15169 (GOOGLE)
9 10 34.200.65.202 14618 (AMAZON-AES)
2 3 151.101.130.49 54113 (FASTLY)
13 23 68.67.160.114 29990 (ASN-APPNEX)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 2600:9000:21d... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 162.19.138.82 16276 (OVH)
3 34.120.111.33 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 34.254.47.73 16509 (AMAZON-02)
5 63.35.139.80 16509 (AMAZON-02)
3 34.204.24.130 14618 (AMAZON-AES)
2 18.238.47.29 16509 (AMAZON-02)
15 27 69.173.151.100 26667 (RUBICONPR...)
5 18 35.244.159.8 396982 (GOOGLE-CL...)
16 34 8.28.7.83 62713 (AS-PUBMATIC)
14 147.28.129.140 54825 (PACKET)
23 104.18.43.178 13335 (CLOUDFLAR...)
8 10 185.167.164.39 198622 (ADFORM)
2 2607:f350:3:2... 27630 (AS-XFERNET)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 44.214.131.156 14618 (AMAZON-AES)
3 2602:803:c002... 26667 (RUBICONPR...)
2 2620:100:a001... 19750 (AS-CRITEO)
3 52.55.204.172 14618 (AMAZON-AES)
3 208.115.232.150 46475 (LIMESTONE...)
2 104.36.115.111 62713 (AS-PUBMATIC)
3 5 63.251.86.49 32475 (SINGLEHOP...)
1 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 52.0.156.250 14618 (AMAZON-AES)
1 3.213.214.218 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
2 8 52.46.143.56 16509 (AMAZON-02)
1 52.200.139.132 14618 (AMAZON-AES)
1 104.244.42.67 13414 (TWITTER)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
3 74.119.119.139 19750 (AS-CRITEO)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 13 157.90.211.246 24940 (HETZNER-AS)
2 23.56.162.249 16625 (AKAMAI-AS)
8 23.205.78.81 16625 (AKAMAI-AS)
5 23.56.163.14 16625 (AKAMAI-AS)
3 11 35.71.139.29 16509 (AMAZON-02)
3 3 199.38.167.130 54312 (ROCKETFUEL)
3 9 2607:f350:3:2... 27630 (AS-XFERNET)
6 6 198.148.27.131 19189 (PULSEPOINT)
4 4 52.86.3.95 14618 (AMAZON-AES)
21 21 35.211.178.172 19527 (GOOGLE-2)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 3 18.210.32.32 14618 (AMAZON-AES)
1 13.226.34.99 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 23.21.78.89 14618 (AMAZON-AES)
1 4 8.28.7.81 62713 (AS-PUBMATIC)
3 67.220.228.202 16509 (AMAZON-02)
3 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 3 54.81.68.127 14618 (AMAZON-AES)
2 3 74.119.119.150 19750 (AS-CRITEO)
11 52.207.45.55 14618 (AMAZON-AES)
1 1 51.255.68.171 16276 (OVH)
4 4 52.3.160.15 14618 (AMAZON-AES)
1 1 124.146.153.167 2514 (INFOSPHER...)
3 3 23.1.200.83 16625 (AKAMAI-AS)
2 2 5.161.181.189 213230 (HETZNER-C...)
1 1 131.153.242.59 19437 (SS-ASH)
2 2 35.227.252.103 15169 (GOOGLE)
1 37.157.5.84 198622 (ADFORM)
14 16 8.28.7.82 62713 (AS-PUBMATIC)
2 5 162.248.18.34 62713 (AS-PUBMATIC)
3 3 104.18.36.155 13335 (CLOUDFLAR...)
1 8.28.7.105 62713 (AS-PUBMATIC)
9 9 54.157.67.219 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 23.105.12.173 30633 (LEASEWEB-...)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 52.202.93.78 14618 (AMAZON-AES)
4 4 188.166.17.21 14061 (DIGITALOC...)
4 38 51.222.239.230 16276 (OVH)
2 2 173.231.178.85 32475 (SINGLEHOP...)
4 8 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
6 6 2606:ae80:147... 25751 (VALUECLICK)
1 2 38.68.201.140 174 (COGENT-174)
1 35.170.109.62 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 207.198.113.93 13768 (COGECO-PEER1)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 104.126.119.89 20940 (AKAMAI-ASN1)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 1 2600:9000:26f... 16509 (AMAZON-02)
1 2 18.173.219.12 16509 (AMAZON-02)
5 5 3.211.60.35 14618 (AMAZON-AES)
3 3 23.20.118.237 14618 (AMAZON-AES)
1 1 131.153.172.93 19437 (SS-ASH)
4 4 216.200.232.253 30419 (MEDIAMATH...)
2 2 213.19.162.80 3356 (LEVEL3)
3 5 63.251.28.134 26558 (FREEWHEEL)
2 2 80.77.87.162 46636 (NATCOWEB)
3 3 82.145.213.8 39832 (NO-OPERA)
2 2 23.83.76.84 395954 (LEASEWEB-...)
2 2 172.240.127.129 7979 (SERVERS-COM)
17 44.206.144.68 14618 (AMAZON-AES)
1 1 23.205.76.21 16625 (AKAMAI-AS)
2 2 67.202.105.23 32748 (STEADFAST)
1 1 23.83.76.100 395954 (LEASEWEB-...)
2 2 35.214.242.163 15169 (GOOGLE)
6 6 69.194.240.13 26120 (RHYTHMONE)
2 2 34.206.181.88 14618 (AMAZON-AES)
2 2 52.45.50.84 14618 (AMAZON-AES)
2 3.227.250.254 14618 (AMAZON-AES)
1 104.126.112.185 16625 (AKAMAI-AS)
1 1 15.235.42.104 16276 (OVH)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 52.54.58.184 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 172.105.235.90 63949 (AKAMAI-LI...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 23.88.86.2 24940 (HETZNER-AS)
2 2 23.73.245.216 16625 (AKAMAI-AS)
1 2 50.19.110.14 14618 (AMAZON-AES)
1 52.1.240.135 14618 (AMAZON-AES)
1 52.4.146.202 14618 (AMAZON-AES)
1 18.238.55.58 16509 (AMAZON-02)
2 2 54.235.170.236 ()
1 2600:1f18:ed:... ()
607 130
99    157.245.73.198 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
hematologistsxoc.com
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    151.101.3.42 (United States)

ASN54113 (FASTLY, US)
hb.vntsm.com
28    2600:9000:211c:b600:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
3    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
7    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
10    2600:9000:211c:fa00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergi.com
1    2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
psudisqus.disqus.com
2    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
3    2600:9000:24f0:bc00:1a:1459:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
config.playwire.com
1    13.225.214.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-107.ewr50.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
2    23.56.210.25 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-210-25.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    13.35.93.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-125.jfk50.r.cloudfront.net
ats.rlcdn.com
1    18.173.132.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-67.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    129.80.52.16 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
4    23.192.50.109 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-50-109.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    52.85.61.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-12.ewr53.r.cloudfront.net
geo.privacymanager.io
7    52.91.215.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-215-149.compute-1.amazonaws.com
carbon-cdn.ccgateway.net
script-api.ccgateway.net
tag-api-2-1.ccgateway.net
7    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
14    34.231.251.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com
ps.eyeota.net
5    34.225.234.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-234-246.compute-1.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
17    2600:9000:210b:9000:13:7c50:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.playwire.com
2    54.165.58.209 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-58-209.compute-1.amazonaws.com
fingerprinter-production.herokuapp.com
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    18.238.49.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-125.jfk52.r.cloudfront.net
cdn.exelator.com
1    34.243.27.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-27-157.eu-west-1.compute.amazonaws.com
p.cpx.to
5    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
3    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
15    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    34.230.189.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-189-193.compute-1.amazonaws.com
fid.agkn.com
2    3.237.175.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-175-195.compute-1.amazonaws.com
pogo.ccgateway.net
privacy-location-edge.ccgateway.net
1    2606:ae80:1471:17::1140 (United States)

ASN25751 (VALUECLICK, US)
proc.ad.cpe.dotomi.com
17    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
26    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
10    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
23    68.67.160.114 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    2600:9000:21dd:e400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com
3    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
api.edkt.io
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    34.254.47.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
5    63.35.139.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-139-80.eu-west-1.compute.amazonaws.com
s.cpx.to
3    34.204.24.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-24-130.compute-1.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
2    18.238.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-47-29.jfk52.r.cloudfront.net
aax.amazon-adsystem.com
27    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
18    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
venatusmedia-d.openx.net
us-u.openx.net
eu-u.openx.net
34    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
14    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
23    104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
10    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
adx2.adform.net
c1.adform.net
dmp.adform.net
2    2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
2    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    44.214.131.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-131-156.compute-1.amazonaws.com
tlx.3lift.com
3    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
3    52.55.204.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-204-172.compute-1.amazonaws.com
btlr.sharethrough.com
3    208.115.232.150 (United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 150-232-115-208.static.reverse.lstn.net
shb.richaudience.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
1    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
10    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
mydmp.exelator.com
1    3.213.214.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-214-218.compute-1.amazonaws.com
onsite-tag-logs.apps.nielsen.com
1    2600:9000:211c:5a00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
8    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.200.139.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-139-132.compute-1.amazonaws.com
nmcsync.imrworldwide.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
13    157.90.211.246 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
2    23.56.162.249 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-249.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    23.205.78.81 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-78-81.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    23.56.163.14 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-14.deploy.static.akamaitechnologies.com
ads.pubmatic.com
11    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
9    2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    52.86.3.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-3-95.compute-1.amazonaws.com
sync.srv.stackadapt.com
21    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    18.210.32.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-32-32.compute-1.amazonaws.com
dpm.demdex.net
1    13.226.34.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-99.ewr53.r.cloudfront.net
api.intentiq.com
3    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    23.21.78.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-78-89.compute-1.amazonaws.com
rtb.gumgum.com
4    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2600:1f18:4e9:5a05:d869:2cda:ed4:54bd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    54.81.68.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-68-127.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
11    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
4    52.3.160.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-160-15.compute-1.amazonaws.com
sync.ipredictive.com
1    124.146.153.167 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    5.161.181.189 (Ashburn, United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.189.181.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
1    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
16    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
9    54.157.67.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-67-219.compute-1.amazonaws.com
match.prod.bidr.io
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    23.105.12.173 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    52.202.93.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-93-78.compute-1.amazonaws.com
rtb.adstanding.com
4    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
38    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
2    173.231.178.85 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
8    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
6    2606:ae80:1471:1b::1690 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
prebid-match.dotomi.com
2    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    35.170.109.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-109-62.compute-1.amazonaws.com
rtb.adentifi.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    207.198.113.93 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.126.119.89 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-119-89.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:2512:7200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:26fa:3e00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
2    18.173.219.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-12.jfk52.r.cloudfront.net
syncv4.intentiq.com
5    3.211.60.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-60-35.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
3    23.20.118.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-118-237.compute-1.amazonaws.com
match.sharethrough.com
1    131.153.172.93 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
4    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    213.19.162.80 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
5    63.251.28.134 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    23.83.76.84 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync-global.smartadserver.com
2    172.240.127.129 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
17    44.206.144.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-144-68.compute-1.amazonaws.com
pbs-cs.yellowblue.io
cs.yellowblue.io
1    23.205.76.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-76-21.deploy.static.akamaitechnologies.com
contextual.media.net
2    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    23.83.76.100 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
2    35.214.242.163 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 163.242.214.35.bc.googleusercontent.com
csync.loopme.me
6    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    34.206.181.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-181-88.compute-1.amazonaws.com
ads.yieldmo.com
2    52.45.50.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-50-84.compute-1.amazonaws.com
ads.creative-serving.com
2    3.227.250.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-250-254.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
1    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    15.235.42.104 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-003.roqad.pl
ws.rqtrk.eu
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    52.54.58.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-58-184.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    172.105.235.90 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com
gocm.c.appier.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
2    23.73.245.216 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-245-216.deploy.static.akamaitechnologies.com
px.owneriq.net
2    50.19.110.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-110-14.compute-1.amazonaws.com
thrtle.com
1    52.1.240.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-240-135.compute-1.amazonaws.com
crb.kargo.com
1    52.4.146.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-146-202.compute-1.amazonaws.com
sync.bfmio.com
1    18.238.55.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-58.jfk52.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
2    54.235.170.236 (None, )

ASN- ()
i.liadm.com
1    2600:1f18:ed:550f:d95e:cc8b:3e6d:5498 (None, )

ASN- ()
i6.liadm.com
Apex Domain
Subdomains		 Transfer
99 hematologistsxoc.com
hematologistsxoc.com
4 MB
67 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 859
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image8.pubmatic.com — Cisco Umbrella Rank: 661
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image4.pubmatic.com — Cisco Umbrella Rank: 1224
ow.pubmatic.com — Cisco Umbrella Rank: 1688
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
63 KB
44 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
82 KB
38 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
16 KB
35 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
172 KB
28 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 5443
276 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
acdn.adnxs.com — Cisco Umbrella Rank: 610
51 KB
23 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4765
39 KB
21 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
10 KB
21 playwire.com
config.playwire.com — Cisco Umbrella Rank: 5715
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 8708
cdn.playwire.com — Cisco Umbrella Rank: 10296
236 KB
20 openx.net
u.openx.net — Cisco Umbrella Rank: 672
venatusmedia-d.openx.net — Cisco Umbrella Rank: 34621
us-u.openx.net — Cisco Umbrella Rank: 491
eu-u.openx.net — Cisco Umbrella Rank: 2473
rtb.openx.net — Cisco Umbrella Rank: 695
4 KB
17 yellowblue.io
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 5403
cs.yellowblue.io — Cisco Umbrella Rank: 1547
8 KB
17 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
assets.a-mo.net — Cisco Umbrella Rank: 1553
18 KB
17 googlesyndication.com
4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
265 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
7 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
86 KB
16 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4065
sync.richaudience.com — Cisco Umbrella Rank: 1727
7 KB
16 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
52 KB
14 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
usersync.gumgum.com — Cisco Umbrella Rank: 1858
4 KB
14 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
5 KB
14 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
10 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
11 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
6 KB
11 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2225
sync.go.sonobi.com — Cisco Umbrella Rank: 951
10 KB
11 adform.net
adx2.adform.net — Cisco Umbrella Rank: 13773
c1.adform.net — Cisco Umbrella Rank: 560
cm.adform.net — Cisco Umbrella Rank: 1211
dmp.adform.net
6 KB
10 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 5509
190 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
5 KB
9 ccgateway.net
carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 12014
pogo.ccgateway.net — Cisco Umbrella Rank: 13307
script-api.ccgateway.net — Cisco Umbrella Rank: 12385
privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 12402
tag-api-2-1.ccgateway.net — Cisco Umbrella Rank: 12636
22 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
8 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 4480
idsync.rlcdn.com — Cisco Umbrella Rank: 408
api.rlcdn.com Failed
38 KB
7 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2813
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
prebid-match.dotomi.com — Cisco Umbrella Rank: 1982
2 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
26 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
5 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1054
match.sharethrough.com — Cisco Umbrella Rank: 495
888 B
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 10397
s.cpx.to — Cisco Umbrella Rank: 7982
6 KB
5 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
3 KB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 666
ice.360yield.com — Cisco Umbrella Rank: 1817
2 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
ce.lijit.com — Cisco Umbrella Rank: 835
3 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
cms.quantserve.com — Cisco Umbrella Rank: 749
11 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
2 KB
4 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
2 KB
4 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
1 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
2 KB
4 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1419
sync.intentiq.com — Cisco Umbrella Rank: 846
syncv4.intentiq.com — Cisco Umbrella Rank: 16713
3 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
4 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
ssc-cms.33across.com — Cisco Umbrella Rank: 904
2 KB
4 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 26266
669 B
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
1 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042
106 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
494 KB
3 liadm.com
i.liadm.com
i6.liadm.com
2 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
2 KB
3 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1370
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
2 KB
3 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 9457
match.justpremium.com — Cisco Umbrella Rank: 4107
6 KB
3 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 20089
api.edkt.io
8 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
838 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
899 B
3 exelator.com
cdn.exelator.com — Cisco Umbrella Rank: 24123
mydmp.exelator.com — Cisco Umbrella Rank: 18359
11 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 766
px.moatads.com — Cisco Umbrella Rank: 594
44 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
ssl.google-analytics.com — Cisco Umbrella Rank: 587
17 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3986
29 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 27884
304 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
240 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1289
684 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1523
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1312
804 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4323
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
987 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
465 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
2 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
58 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
938 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4174
967 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
1011 B
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2647
556 B
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
14 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
883 B
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1795
nmcsync.imrworldwide.com — Cisco Umbrella Rank: 7855
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1053
104 B
2 herokuapp.com
fingerprinter-production.herokuapp.com — Cisco Umbrella Rank: 7141
2 KB
2 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 32882
959 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2348
202 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 910
359 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5650
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5215
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
360 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
438 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1209
674 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3427
343 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
468 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 665
593 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3279
616 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
556 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
650 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
518 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
35 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3298
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 6886
358 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 925
339 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1781
4 KB
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1702
539 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
827 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3181
582 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1673
342 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
393 B
1 nielsen.com
onsite-tag-logs.apps.nielsen.com — Cisco Umbrella Rank: 17499
264 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
1 KB
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 2826
668 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1814
45 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 777
633 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2070
609 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1018
916 B
1 disqus.com
psudisqus.disqus.com
2 KB
1 gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
13 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
33 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 mdhv.io Failed
jelly.mdhv.io Failed
0 servenobid.com Failed
ads.servenobid.com — Cisco Umbrella Rank: 2371 Failed
0 2mdn.net Failed
s0.2mdn.net Failed
607 131
Domain Requested by
99 hematologistsxoc.com hematologistsxoc.com
38 onetag-sys.com 4 redirects ads.pubmatic.com
sync.richaudience.com
onetag-sys.com
pbs-cs.yellowblue.io
28 cdn.intergient.com hematologistsxoc.com
cdn.intergient.com
26 cm.g.doubleclick.net 18 redirects us-u.openx.net
eb2.3lift.com
rtb.gumgum.com
onetag-sys.com
23 simage2.pubmatic.com 9 redirects ads.pubmatic.com
23 elb.the-ozone-project.com hb.vntsm.com
cadmus.script.ac
elb.the-ozone-project.com
pbs-cs.yellowblue.io
ads.stickyadstv.com
ads.pubmatic.com
21 x.bidswitch.net 21 redirects
21 ib.adnxs.com 11 redirects cadmus.script.ac
hb.vntsm.com
acdn.adnxs.com
eb2.3lift.com
17 pixel.rubiconproject.com 9 redirects hematologistsxoc.com
onetag-sys.com
17 match.adsrvr.org 15 redirects cadmus.script.ac
hb.vntsm.com
17 cdn.playwire.com cdn.intergient.com
cdn.playwire.com
cadmus.script.ac
16 cs.yellowblue.io pbs-cs.yellowblue.io
onetag-sys.com
16 image8.pubmatic.com 14 redirects ads.pubmatic.com
15 id5-sync.com 10 redirects hb.vntsm.com
14 prebid.a-mo.net hb.vntsm.com
cadmus.script.ac
ads.pubmatic.com
14 ps.eyeota.net 1 redirects hematologistsxoc.com
cadmus.script.ac
13 sync.richaudience.com 3 redirects cadmus.script.ac
sync.richaudience.com
onetag-sys.com
12 us-u.openx.net 3 redirects cadmus.script.ac
us-u.openx.net
11 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
11 eb2.3lift.com 3 redirects cadmus.script.ac
eb2.3lift.com
ads.pubmatic.com
11 image2.pubmatic.com 7 redirects ads.pubmatic.com
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 pagead2.googlesyndication.com imasdk.googleapis.com
cadmus.script.ac
hematologistsxoc.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
hb.vntsm.com
10 cdn.intergi.com cdn.intergient.com
cdn.intergi.com
9 match.prod.bidr.io 9 redirects
9 sync.go.sonobi.com 3 redirects
9 ups.analytics.yahoo.com 8 redirects assets.a-mo.net
8 pixel.tapad.com 4 redirects ads.pubmatic.com
8 eus.rubiconproject.com cadmus.script.ac
eus.rubiconproject.com
assets.a-mo.net
sync.richaudience.com
pbs-cs.yellowblue.io
8 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
onetag-sys.com
7 c1.adform.net 7 redirects
7 idsync.rlcdn.com 5 redirects
7 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
cadmus.script.ac
hb.vntsm.com
imasdk.googleapis.com
6 bh.contextweb.com 6 redirects
6 tpc.googlesyndication.com hematologistsxoc.com
cadmus.script.ac
5 ads.stickyadstv.com 3 redirects elb.the-ozone-project.com
5 ads.pubmatic.com cadmus.script.ac
elb.the-ozone-project.com
rtb.gumgum.com
ads.pubmatic.com
5 s.cpx.to cadmus.script.ac
hematologistsxoc.com
5 script-api.ccgateway.net carbon-cdn.ccgateway.net
cadmus.script.ac
4 sync.1rx.io 4 redirects
4 prebid-match.dotomi.com 4 redirects
4 sync.mathtag.com 4 redirects
4 ad.360yield.com 4 redirects
4 match.adsby.bidtheatre.com 4 redirects
4 sync.ipredictive.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 sync.srv.stackadapt.com 4 redirects
4 gum.criteo.com 2 redirects cadmus.script.ac
4 track.venatusmedia.com hb.vntsm.com
4 px.ads.linkedin.com 1 redirects hematologistsxoc.com
eb2.3lift.com
4 secure.cdn.fastclick.net hematologistsxoc.com
secure.cdn.fastclick.net
cadmus.script.ac
3 t.adx.opera.com 3 redirects
3 match.sharethrough.com 3 redirects
3 ssum.casalemedia.com 3 redirects
3 image4.pubmatic.com 2 redirects ads.pubmatic.com
3 secure-assets.rubiconproject.com 3 redirects
3 dis.criteo.com 2 redirects eb2.3lift.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 aax-eu.amazon-adsystem.com us-u.openx.net
3 cms.quantserve.com 3 redirects
3 rtb.gumgum.com 2 redirects pre.ads.justpremium.com
3 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
3 dpm.demdex.net 2 redirects
3 p.rfihub.com 3 redirects
3 mug.criteo.com
3 ap.lijit.com 2 redirects hb.vntsm.com
3 shb.richaudience.com hb.vntsm.com
3 btlr.sharethrough.com hb.vntsm.com
3 fastlane.rubiconproject.com hb.vntsm.com
3 lb.eu-1-id5-sync.com hb.vntsm.com
cadmus.script.ac
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 imasdk.googleapis.com cdn.intergi.com
cdn.playwire.com
imasdk.googleapis.com
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 c.amazon-adsystem.com cdn.intergient.com
c.amazon-adsystem.com
3 config.playwire.com cdn.intergient.com
hb.vntsm.com
3 static.addtoany.com hematologistsxoc.com
static.addtoany.com
3 hb.vntsm.com hematologistsxoc.com
hb.vntsm.com
cadmus.script.ac
3 www.googletagmanager.com hematologistsxoc.com
www.googletagmanager.com
2 api.edkt.io cadmus.script.ac
2 i.liadm.com 2 redirects
2 thrtle.com 1 redirects
2 px.owneriq.net 2 redirects
2 pm.w55c.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 kinesis.us-east-1.amazonaws.com hb.vntsm.com
2 ads.creative-serving.com 2 redirects
2 ads.yieldmo.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 csync.loopme.me 2 redirects
2 ssc-cms.33across.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 ssbsync-global.smartadserver.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 ce.lijit.com 1 redirects
2 syncv4.intentiq.com 1 redirects
2 static.criteo.net cadmus.script.ac
hb.vntsm.com
2 pixel-sync.sitescout.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 cm.adgrx.com 2 redirects
2 rtb.openx.net 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 eu-u.openx.net us-u.openx.net
2 static.cloudflareinsights.com elb.the-ozone-project.com
2 creativecdn.com 2 redirects
2 acdn.adnxs.com cadmus.script.ac
2 lexicon.33across.com 1 redirects
2 mydmp.exelator.com 1 redirects
2 www.google.com hematologistsxoc.com
cadmus.script.ac
2 googleads.g.doubleclick.net hematologistsxoc.com
2 venatusmedia-d.openx.net hb.vntsm.com
2 hbopenbid.pubmatic.com hb.vntsm.com
2 bidder.criteo.com hb.vntsm.com
2 mp.4dex.io hb.vntsm.com
2 apex.go.sonobi.com hb.vntsm.com
2 adx2.adform.net hb.vntsm.com
2 secure.adnxs.com 2 redirects
2 u.openx.net 2 redirects
2 aax.amazon-adsystem.com hb.vntsm.com
2 pre.ads.justpremium.com hb.vntsm.com
cadmus.script.ac
2 script.4dex.io cadmus.script.ac
2 i.clean.gg hb.vntsm.com
2 fingerprinter-production.herokuapp.com cdn.intergient.com
hb.vntsm.com
2 tags.crwdcntrl.net cdn.intergient.com
hematologistsxoc.com
2 hb.vntsm.io hb.vntsm.com
2 www.google-analytics.com www.googletagmanager.com
1 i6.liadm.com
1 dmp.adform.net 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 sync.crwdcntrl.net
1 tags.bluekai.com
1 ssbsync.smartadserver.com 1 redirects
1 contextual.media.net 1 redirects
1 pbs-cs.yellowblue.io elb.the-ozone-project.com
1 ice.360yield.com 1 redirects
1 server.cpmstar.com 1 redirects
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 hb.yahoo.net
1 ad.turn.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 rtb.adstanding.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 ow.pubmatic.com
1 cm.adform.net
1 id.a-mx.com 1 redirects
1 tg.socdm.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 match.justpremium.com pre.ads.justpremium.com
1 api.intentiq.com
1 id.hadron.ad.gt hb.vntsm.com
1 analytics.twitter.com
1 nmcsync.imrworldwide.com
1 secure-gl.imrworldwide.com
1 onsite-tag-logs.apps.nielsen.com cdn.exelator.com
1 ssl.google-analytics.com cadmus.script.ac
1 tlx.3lift.com hb.vntsm.com
1 tag-api-2-1.ccgateway.net hematologistsxoc.com
1 privacy-location-edge.ccgateway.net hb.vntsm.com
1 pixel.quantserve.com hematologistsxoc.com
1 cdn.edkt.io cadmus.script.ac
1 4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com cadmus.script.ac
1 px.moatads.com hematologistsxoc.com
1 rules.quantcount.com cadmus.script.ac
1 cms.analytics.yahoo.com 1 redirects
1 proc.ad.cpe.dotomi.com hb.vntsm.com
1 pogo.ccgateway.net hb.vntsm.com
1 fid.agkn.com hb.vntsm.com
1 id.crwdcntrl.net hb.vntsm.com
1 secure.quantserve.com hb.vntsm.com
1 p.cpx.to hb.vntsm.com
1 cdn.exelator.com hb.vntsm.com
1 cadmus.script.ac hb.vntsm.com
1 pippio.com 1 redirects
1 carbon-cdn.ccgateway.net hematologistsxoc.com
1 geo.privacymanager.io ats.rlcdn.com
1 cdn.id5-sync.com hematologistsxoc.com
1 mb.moatads.com z.moatads.com
1 ad-delivery.net hb.vntsm.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ats.rlcdn.com hb.vntsm.com
1 z.moatads.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
1 psudisqus.disqus.com hematologistsxoc.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.jquery.com hematologistsxoc.com
1 fonts.googleapis.com hematologistsxoc.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 jelly.mdhv.io Failed ads.stickyadstv.com
0 ads.servenobid.com Failed elb.the-ozone-project.com
0 api.rlcdn.com Failed hb.vntsm.com
0 csi.gstatic.com Failed imasdk.googleapis.com
0 s0.2mdn.net Failed imasdk.googleapis.com
607 210

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
hematologistsxoc.com
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
cdn.intergient.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
static.addtoany.com
E1		 2023-10-29 -
2024-01-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.intergi.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-13 -
2024-04-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-07 -
2024-08-06		 a year crt.sh
*.playwire.com
Amazon RSA 2048 M02		 2023-02-11 -
2024-03-11		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
ccgateway.net
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.herokuapp.com
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
cdn.exelator.com
Amazon RSA 2048 M02		 2023-10-09 -
2024-11-04		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-13		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
api.edkt.io
GTS CA 1D4		 2023-11-25 -
2024-02-23		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-17		 a year crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-01-26 -
2024-02-24		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
the-ozone-project.com
E1		 2023-10-26 -
2024-01-24		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-08-02 -
2024-08-13		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
onsite-tag-logs.apps.nielsen.com
Amazon RSA 2048 M01		 2023-04-09 -
2024-05-07		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-11-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
kinesis.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh

This page contains 83 frames:

Primary Page: https://hematologistsxoc.com/
Frame ID: 180FD278AE60D706682F2D6E664242AF
Requests: 304 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 3F129EAE3B9927ADA69A799E1900F881
Requests: 1 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.29/iframe/iframe.html
Frame ID: BC21BBA51EC15092E0C31F2807E864FA
Requests: 2 HTTP requests in this frame

Frame: https://hematologistsxoc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 70733EB25B80F3E0494265EBA0C8B35D
Requests: 1 HTTP requests in this frame

Frame: https://4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E7271B395BA54ABB8B8DBFBD6753878
Requests: 1 HTTP requests in this frame

Frame: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
Frame ID: D4BD386920493FB179EEEAF434A66116
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Frame ID: 28AD10318680E3BD6AAD28E2DE9C5C36
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A9BC0AF7181709EEF524B8780EF8CAFB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 985F0EBE1C34B419B0B831E5CDAD7CCC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 14F1E837E3F250119A8E7A3CEB6F2215
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4379891692491416&output=html&h=90&slotname=8254753489&adk=1066506388&adf=3279755401&pi=t.ma~as.8254753489&w=728&lmt=1703386951&format=728x90&url=https%3A%2F%2Fhematologistsxoc.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703386951445&bpp=5&bdt=514&idt=160&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&cookie=ID%3D1a254c9e649bf350%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_Mbc35GkgNZEzLV0buttwB5FxCL-zg&gpic=UID%3D00000a048a46ede6%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_MZrd3UoYS-ZO4U3dU1IUPysDe6hTQ&correlator=310160980786&frm=21&ife=1&pv=2&ga_vid=1681994010.1703386948&ga_sid=1703386952&ga_hid=12896758&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1515&ady=59&biw=1600&bih=1200&isw=970&ish=250&ifk=3580895807&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320885&oid=2&pvsid=1809756970991620&tmod=1646918576&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1028&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u5adp1fnuyqd&fsb=1&dtd=175
Frame ID: 19DEC48DD5E1FBC75A7609ABA4E15D79
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA77664E4327E41E2617E5B649C4B577
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5E22683E4BEA14339265DA54D09A9DA
Requests: 2 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 2C26334E1FDDFB156062EBF2A1B3EECF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 507CE958B30FA372DCAF574F77145D18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F561AA2D9A6A161AE508D949F30C735
Requests: 2 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Frame ID: F6B0B0D17D0BFD2B51F683F31DBFB264
Requests: 5 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Frame ID: 7695E7863FC0E7EE26582A0BA36F9074
Requests: 3 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a9o7031703386950056
Frame ID: DD21CEBD689DEDFF2BDB26BB5379061C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D73211E7E09BD560EBA317B8AEF9ED4
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: B02111C4E8DFF4946573A0880534901B
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A3F0590621A955A45B887A8AB32D8FB2
Requests: 3 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Frame ID: 55D9A7DAD96B57BFCA029779AC555564
Requests: 8 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=Cs8BShRoZW1hdG9sb2dpc3RzeG9jLmNvbVILYWFzLTllMWI4MzBaCHBiYTEuMy4yahRoZW1hdG9sb2dpc3RzeG9jLmNvbfoBBjcuMzUuMOgCAYgDxr6erAaoA1rqAyRmYzQ5YzRkYy05OWY0LTQxNDMtOGM2Zi0xNGQ3Y2U0ZTQ1MDOqBANEQ0iyBQNVU0TSBQkxMDUxOTkzNTjYBQDgBQDqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHFGhlbWF0b2xvZ2lzdHN4b2MuY29t4AcB
Frame ID: 16CEFE8CC4D7835A5D945231CC1C245A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8740F81D0131318E5E59354EEA4E862E
Requests: 19 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=Cs8BShRoZW1hdG9sb2dpc3RzeG9jLmNvbVILYWFzLTllMWI4MzBaCHBiYTEuMy4yahRoZW1hdG9sb2dpc3RzeG9jLmNvbfoBBjcuMzUuMOgCAYgDxr6erAaoA1rqAyQ1ZWRjMzRhOS1kNDMwLTQwMmEtOTJjMC00Mjc1Y2MwNTgxNGWqBANEQ0iyBQNVU0TSBQkxMDUxOTkzNTjYBQDgBQDqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHFGhlbWF0b2xvZ2lzdHN4b2MuY29t4AcB
Frame ID: 43B064C0218F030F28CBDA4BFAF1E38F
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: FA427771D5739D868433CF2157AF9878
Requests: 24 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: EDA54CBA938650B934F42A5EA9A8F8E8
Requests: 7 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Frame ID: 2BE6212A570E841220A02328DFC25E88
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: B2A7ACA44635F36FA89F9502BA5C549C
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Frame ID: 9C52DC15296F94E07EDAEEBA24578F6A
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Frame ID: 217CD6366A14359AEA8E8F91501587D3
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: 00B96AFC933035C5599F7DC034145018
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6834136095838192859&gdpr=0&gdpr_consent=
Frame ID: F38079A173E6DEB559F723DC50EBC6AA
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZmY3YWJlYi1mYTM0LTQ0OWMtODI5ZC03YjZhNjE0OWIxOGQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: D1DE512E5F6B225F3561BA03C8DF4725
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7B6CA1E9A781FA29349D660C61B2E3ED
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=60b38027-9256-4e4c-9c17-a4e547150eb1
Frame ID: D22370074D0EF1267D638F6E2B0A8942
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZYefScCo8YMAAAVjPmYAAAAA
Frame ID: 766FE6573EECCB70A6E5B3D6E263517E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 1A6B1A39AC1522174936224012EFCC12
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DF95D64B-0F5A-4194-9DAD-94E25614560D&redir=true&gdpr=0&gdpr_consent=
Frame ID: 655A5375A71E95BEE6169A06435AA6E2
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 9E1551B0A318E17851067F0513EE8F1E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1168756271806296904&gdpr=0&gdpr_consent=
Frame ID: 25D63A02A22FF5BB2313E919C87207E5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 5E282B3D043539CFAEB424137531DAB3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 1904257847F388FBF8152F59E6BAC01A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: ED18105AEA7D3C48F1830B1CF55E9605
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Frame ID: 9EB0DD5CF0B50465AC1D5B4CB128EC69
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e278fba4-a208-11ee-ae5d-8536e7367e78
Frame ID: EA02E83D2F78B471F0B57826AD738852
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/getsync?jp=5&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
Frame ID: 766D2CB5929A0E0E6B35D61F255DBF16
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: 653221FEC6A14160766B064A9CD2F7C7
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Frame ID: C4615F5FA5D22D91F66C874785CA8364
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hematologistsxoc.com
Frame ID: 78C1FC7FE4D72FC04A24DDDAC14F79A1
Requests: 2 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Frame ID: 746EFFBC1F68E04713532D94D2549EA0
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: E201E60531CC7631C146C87EDAE78726
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: CAFE60FD173235AE70CA278C34B6030C
Requests: 4 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Frame ID: 6753ED8345E7A7195208C04D6ECF067F
Requests: 1 HTTP requests in this frame

Frame: https://jelly.mdhv.io/v4/pixie
Frame ID: 99553C06ADA315123F33F1D653300A69
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=191d98afa9c8b70e9edb0757965e136
Frame ID: 9A370FADAAFD77958475B4EDA9C9A965
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212393167165331
Frame ID: 69D0D06D5452A2C298A60D9F3C9FD631
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Frame ID: A8E007474995A8BB8274DD359ED55DD6
Requests: 1 HTTP requests in this frame

Frame: https://jelly.mdhv.io/v4/pixie
Frame ID: 5C337C4A8E9BCBB02C5DD1E3E17FF0EE
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=191d98afa9c8b70e9edb0757965e136
Frame ID: FE5450C0549A9460EB1CFA20A964CD1E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 042FD867AC210998C82216E5F729CE8C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477422425422998
Frame ID: 583B3FAE90DA1216BCDBB37A29FB4990
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Frame ID: FACFA5CB1E04AEAEA837851631C70DC0
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Frame ID: 20F2360B07E9DDB76BE8EFD6FC6D03F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pK69pCwk1RheLa5&gdpr=0&gdpr_consent=
Frame ID: 000B2C7615F81CDCF3DCBD25BCA146D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: C7A318107CA1B558AA408F5BEF6DA4EB
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 65F09B1B1C197DE28C99BC744FFF1096
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUfc39824af1b143b68db7786ec1ef5df7
Frame ID: A89D50611045355DA0779F7992B1B724
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=868629311101
Frame ID: C0197612FED8B534D3647BDCB1E37388
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 4E0C8827CEB3092DE918A4ADBF700A2F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Frame ID: 5A654AC9CEDF9EC914C6848F4652CB71
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=N_QqIGVzBdq97zLcTJ-HZQ
Frame ID: 55A24F9BB2C9DE64B50729C003892589
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
Frame ID: CCA4546AD383C5D8F59957CBEFD9DD2F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7B8F33397A4EB506864BBD3CF778B02A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: FA6B5CE1D9226E8DCD50F7572899A34C
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E128BA78EAFA45796E7D615E5DCABB1A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094&gdpr=0&gdpr_consent=
Frame ID: E7687692EDB522AD35B87C1C7B73420B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7566733561853016117
Frame ID: 264320F52DDEC03AFC3F0970B2047A65
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Frame ID: 4A2B8C907EE1204DA0C554E6DD527431
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=DF95D64B-0F5A-4194-9DAD-94E25614560D
Frame ID: F92FE9644DE51FBF0E478EBD908AFBD6
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Frame ID: 9402BAD665FF6CBA946C992419DAA9C7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=DF95D64B-0F5A-4194-9DAD-94E25614560D
Frame ID: 04E067A93392810D2752D72B417F1133
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PlayStation Universe - PS5, PS4, PSVR, PS Vita News and Reviews

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

607
Requests

71 %
HTTPS

26 %
IPv6

131
Domains

210
Subdomains

130
IPs

12
Countries

7706 kB
Transfer

14199 kB
Size

327
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 165
  • https://idsync.rlcdn.com/712453.gif?partner_uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIW-KxJDCj8IARDptAoaN3VzZXJfMmQ0NzRjNDYtYzI1Yy00MTJjLThhZTAtZjI1N2Q2YTg1N2NmXzE3MDMzODY5NDg4ODMQABoNCMW-nqwGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&rand=09823624 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&rand=09823624&expected_cookie=c63f001b-2e4b-4eae-8f56-6d1327dacc7d
Request Chain 166
  • https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
Request Chain 195
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=60b38027-9256-4e4c-9c17-a4e547150eb1&bid=1e2n4ou
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm92XzNNc2Q0RmhRUGRtejRydml0azZzay1kM3k4dWZzLXlxTFVfMW8yRTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm92XzNNc2Q0RmhRUGRtejRydml0azZzay1kM3k4dWZzLXlxTFVfMW8yRTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEFRLDnE4CQYTIjZjlDA7kes&google_cver=1
Request Chain 197
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-DRPS6F1E2pWgtMC.Hkc5O5JGIemBrisjzUg-~A
Request Chain 198
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=ZYefRQAJNFXoKgBd HTTP 302
  • https://ps.eyeota.net/match?uid=ZYefRQAJNFXoKgBd&bid=0rijhbu&referrer_pid=m51mh00&_test=ZYefRQAJNFXoKgBd
Request Chain 199
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dm51mh00 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253Dm51mh00 HTTP 302
  • https://ps.eyeota.net/match?uid=1168756271806296904&bid=2cr76e1&referrer_pid=m51mh00
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESENdsrc8ODozBlthI4SWR5uU&dsp=dbm&google_cver=1
Request Chain 232
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=7d982723-beab-4c4a-aa36-8af41c0e1948
Request Chain 233
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fhematologistsxoc.com%252F%26hn_ver%3D72%26fid%3Dc66b6aac-81b5-407d-81b1-0dda14ad81c0%26dsp%3Dpub_common%26dsp_uid%3D8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%26dsp%3DTTD%26dsp_uid%3Dabed8f56-b7f0-4ae7-b17f-4fa974ca40c7 HTTP 302
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1168756271806296904&pid=13058&url=https%3A%2F%2Fhematologistsxoc.com%2F&hn_ver=72&fid=c66b6aac-81b5-407d-81b1-0dda14ad81c0&dsp=pub_common&dsp_uid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&dsp=TTD&dsp_uid=abed8f56-b7f0-4ae7-b17f-4fa974ca40c7
Request Chain 234
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 308
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d HTTP 307
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Request Chain 319
  • https://idsync.rlcdn.com/397416.gif?partner_uid=ce7da9c73a774fc176b4844d03a97e26 HTTP 307
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008gZDVVAdDLuk6iaHmtbL-2YFZZmSdhGlksXaNYa0Uug8
Request Chain 320
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=ce7da9c73a774fc176b4844d03a97e26 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=ce7da9c73a774fc176b4844d03a97e26&dcc=t
Request Chain 325
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=rQ7MDbbMtQCBp9Hg70BWfPq%2Fg8i0KMQKCOGHpeeF0rI%3D
Request Chain 326
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhematologistsxoc.com%2F&domain=hematologistsxoc.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=n7PzvHxVS3IrMUNZWkZwMnRhWitXaWxDY3BCMGxnakVCY2FEaVlBajZJaVNzVFN4dzZ3TS9xWUhkRzRONnVEbGtJeW4rNFYrSDdiS2hxUmYvZDdub00zbkFCb1hjcVI0WjBjYS9oT1BCT29kYnl1TWFUaGczZC8vOTBRVUNpVFZSanJyZzdQNFVGSjYzYUhrVXBSVCtXTVNiSm0ybGVXc3ZleDQzdWVJL3ZQWldaVUtDamlaRE42bFJoRkJkS0tCS0Q2ejl5a01IT1JsNDAwcVVZMDFFNkxsTlJiMmNhM2xES1MxSURTNjlpV1o0MzhsMEhuRFpxb01rdmQ1R3lrWHFwTjNCfA&cppv=2
Request Chain 331
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Request Chain 332
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Request Chain 344
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 346
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422425422998
Request Chain 347
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=059f3da4-3b3c-4fba-83a2-f5b63c749cad&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=R3ItRnpMRnVuZzdpQWZ4cnNQeG14dw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELQpZzNW81FjQV6IkSrV2CI&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oF42wijvagBY
Request Chain 348
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=ZSfz20w6V599SbOcGzQRzmAJ-SQ
Request Chain 349
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1168756271806296904
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c&google_hm=ODA2OTRhNjEtN2NlNS00MWVlLWI2NTEtZDAwYzVmMDRkZjlj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECO4iizuybj-519XdAzOA4M&google_cver=1&ssp=sonobi&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 351
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=TevWFDYtx8ksdtnrnpanHSnJOdaVMA3At6SqisoFIOE&pi=sonobi&tc=1
Request Chain 352
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=059f3da4-3b3c-4fba-83a2-f5b63c749cad HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=059f3da4-3b3c-4fba-83a2-f5b63c749cad
Request Chain 353
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=60b38027-9256-4e4c-9c17-a4e547150eb1&pubid=116da9d98c HTTP 302
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=32c247a8-fb6c-4888-bea3-65495c6a7f20
Request Chain 358
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&us_privacy= HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407&ex_uid=u_811c0878-b6df-4b3b-8127-4905eac05e44
Request Chain 365
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A&gdpr=0
Request Chain 371
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
Request Chain 372
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3495483585301946031
Request Chain 374
  • https://match.adsrvr.org/track/cmf/openx?oxid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
Request Chain 377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=60b38027-9256-4e4c-9c17-a4e547150eb1&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 378
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzE5OTU2NTE3MTY2NTcyOTUyMTEx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIazyVxRyJLC8IHDCz-_Vfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 380
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzE5OTU2NTE3MTY2NTcyOTUyMTEx
Request Chain 382
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/719956517166572952111?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-AfWCAzVE2oQzXGHZZIN5G61qeoZF6rqwu1Zr2oHflA--~A&dongle=0883
Request Chain 383
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=719956517166572952111&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=a340ea5d-5402-4eab-bedb-772822b89e8c&ssp=triplelift&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 385
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1168756271806296904&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 388
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
Request Chain 389
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5535339530113223752
Request Chain 391
  • https://match.adsrvr.org/track/cmf/openx?oxid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
Request Chain 394
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1168756271806296904
Request Chain 395
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_4ff7abeb-fa34-449c-829d-7b6a6149b18d&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=83bc2694-b8ec-454a-9ca1-f36621b68b35&expires=1&user_group=5&ssp=gumgum2&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 396
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=aa2c85fd-544c-4c1f-9416-829020efeae0
Request Chain 397
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
Request Chain 398
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VA2LgTpE2pf4y5eB1T2uKlVCNsSPtTKgcdc1~A
Request Chain 399
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=3bfe154f-c2ab-4098-9374-4fce5cae1094
Request Chain 401
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6834136095838192859&gdpr=0&gdpr_consent=
Request Chain 404
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=60b38027-9256-4e4c-9c17-a4e547150eb1
Request Chain 405
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZYefScCo8YMAAAVjPmYAAAAA
Request Chain 406
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=60b38027-9256-4e4c-9c17-a4e547150eb1
Request Chain 408
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=34d9000b-9205-4125-a9cc-fdcb37030b38&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=80694a61-7ce5-41ee-b651-d00c5f04df9c&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MzAxYmQ2MjcxM2Q5NWZjNw&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 410
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=34d9000b-9205-4125-a9cc-fdcb37030b38 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
Request Chain 411
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=amx_com&uid=34d9000b-9205-4125-a9cc-fdcb37030b38
Request Chain 412
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
Request Chain 414
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D34d9000b-9205-4125-a9cc-fdcb37030b38%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5535339530113223752 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dpubmatic%26uid%3DDF95D64B-0F5A-4194-9DAD-94E25614560D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 415
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3Fus_privacy%3D1---%26A%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=index_rtb&uid=ZYefSehwxCOfO0YynO09kgAA%261378
Request Chain 416
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=sovrn&uid=H31WhBZHGoaNboL8TIe4PwDm
Request Chain 417
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=appnexus&uid=1168756271806296904
Request Chain 420
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
Request Chain 422
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCd0wwN0xEejhBQUJiRl9wVEt2UQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAFBcU7LDz8AABLjZUYDPQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFBcU7LDz8AABLjZUYDPQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFBcU7LDz8AABLjZUYDPQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFBcU7LDz8AABLjZUYDPQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8286368670581380728&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFBcU7LDz8AABLjZUYDPQ&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 423
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1168756271806296904&gdpr=0&gdpr_consent=
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=eec4f6cbab7d85460597b4e4ea93a9b7&expires=30&ssp=pubmatic&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 427
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nad7uZL0d7uG8HXtn6RutpjwIO2G9nPtyvGpy3D1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8fd0bb6d-ba1b-4a12-af15-18ba8edaac46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 428
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e278fba4-a208-11ee-ae5d-8536e7367e78
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=35XWSw9aQZSdrZTiVhRWDQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 430
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=DF95D64B-0F5A-4194-9DAD-94E25614560D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=DF95D64B-0F5A-4194-9DAD-94E25614560D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
Request Chain 433
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REY5NUQ2NEItMEY1QS00MTk0LTlEQUQtOTRFMjU2MTQ1NjBE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6bcf3bce-e561-4471-802a-4dd2b55aa055&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHFuzquKDeIeTLLle0Rkujc&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:45c78ba2-30c1-4260-8e97-1ae1950b655c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 435
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dpubmatic%26uid%3DDF95D64B-0F5A-4194-9DAD-94E25614560D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-luf3QPdE2uV6S6IiQteTk3OsVsnE9qU-~A&gdpr=0
Request Chain 439
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4f0cb74bcce005a7&is_secure=true&networkId=17100&version=1&nuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACR7ytneWC4wMQKDXrAAAAAAA&expiration=1703473354&nuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 440
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f2734658-000b-4255-94b4-86713de7e47a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 441
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10E2C7E3A_9602646D&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 443
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4301131125610587739&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 444
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4fcf7faa-f51c-4b8c-9a8f-57b9600041ed-65879f49-5553&gdpr=0&gdpr_consent=
Request Chain 445
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H31WhBZHGoaNboL8TIe4PwDm
Request Chain 448
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIWLYW6-H-DTN2
Request Chain 449
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFJV0xZVzYtSC1EVE4y HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECMKp8ey_PV1sfivqpxxKBo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJV0xZVzYtSC1EVE4y&google_push=
Request Chain 450
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=&expires=30
Request Chain 451
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjFjNjE3OGY1Yjk3ZjVmNWIwMWNiYjExZmVkYTI1MDFjZWU5YTI3YQ
Request Chain 453
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQIWLYW6-H-DTN2&ex=d-rubiconproject.com&status=ok
Request Chain 454
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Bj4Af8fikmacxJL9VMWrpw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QsWKBoZE2oLKALp9QIzI6avxxAmq4wQjVn_7EA--~A
Request Chain 455
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7eIGJVXeSzGh8qIarhNPsw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eIGJVXeSzGh8qIarhNPsw
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKLobj47TQUONk9mZ8Gjov4&google_cver=1
Request Chain 457
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFBcU7LDz8AABLjZUYDPQ&expires=30
Request Chain 458
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQIWLYW6-H-DTN2&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQIWLYW6-H-DTN2&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1CSWNkT1NWRTJ1SGd1MlpobVhlSmFJU2FBV2VJWFJHa35B&ovsid=LQIWLYW6-H-DTN2&dpid=58160
Request Chain 459
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIWLYW6-H-DTN2
Request Chain 460
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQIWLYW6-H-DTN2 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2 HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2&ripv6=2602:ffc8:2:104::12 HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2&ripv6=2602:ffc8:2:104::12&ckls=true&ci=fsjNOJRpbg&nc=false&trid=1166611941
Request Chain 461
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2
Request Chain 462
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&expires=30
Request Chain 463
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQIWLYW6-H-DTN2
Request Chain 466
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D$UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1168756271806296904&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID&cb=1703386954152 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8715551654 HTTP 302
  • https://sync.1rx.io/usersync/turn/4301131125610587739?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=317&uid=3789845405557970657&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D4%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=3463885546634072000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dhttps%25253A%25252F%25252Felb.the-ozone-project.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D0%252526gdpr_consent%25253D%252526us_privacy%25253Dpbs-ozone%252526uid%25253D%252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=H31WhBZHGoaNboL8TIe4PwDm&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253Dpbs-ozone%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=5&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
Request Chain 467
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZYefSehwxCOfO0YynO09kgAA%261378
Request Chain 469
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&khaos=LQIWLYW6-H-DTN2 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQIWLYW6-H-DTN2
Request Chain 470
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 472
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1168756271806296904&gdpr=0&gdpr_consent=
Request Chain 473
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
Request Chain 474
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
Request Chain 475
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
Request Chain 476
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=0471c56c-752b-4a57-8d10-1zz1703386942 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Drichaudience%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=richaudience&user_id=PkHxDkULn_TZPyOIw0i20 HTTP 302
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_ps=
Request Chain 477
  • https://id5-sync.com/s/286/9.gif?puid=0471c56c-752b-4a57-8d10-1zz1703386942&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BID5UID%7D HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/441/8/2.gif?puid=u_811c0878-b6df-4b3b-8127-4905eac05e44&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/286/124/7/3.gif?puid=3b613cb4-75dd-4618-bbba-ff26a23f8deb&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/2/6/4.gif?puid=1168756271806296904&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/286/434/5/5.gif?puid=32c247a8-fb6c-4888-bea3-65495c6a7f20&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F796%2F4%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/796/4/6.gif?puid=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=1168756271806296904&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1246/3/7.gif?puid=H31WhBZHGoaNboL8TIe4PwDm&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F2%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/286/429/2/8.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/108/1/9.gif?puid=eb47532c-e479-4bde-8a8c-0a2391166c17&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAFBcU7LDz8AABLjZUYDPQ&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A
Request Chain 480
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Request Chain 481
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hematologistsxoc.com&sn=ChromeSyncframe&so=3&topUrl=hematologistsxoc.com&bundle=Ug83Ql9NbCUyQkJ3VEI0VWo4bkc5eTlxZ2RpejZXMXJ3NTlUTXFSQmFJSGRNeXo4JTJGQlFQT3JpUG1NJTJCaUJudWRTcUp4ajJaQk1QMHRYVHFWbFpLdDlFJTJCeUFGZ3JueE9mUjl3JTJCME5JMDdPNWtDczRzUTNjN01YSmt3N0IwSUhSRGs0YXZubzg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Wx8303xJWXFib281L1lZa2U0QkpZSTFBdW90OCttL2pza1pqRXdDRzFyRWsyMEcrY1lNOWxoZW4wSTdyOVlBWkREeVR5R2I3VTRZREZqaENoVjJPbGFKejlwNVFnczFuODBPT1VSdHhBYTZ3TGRQcFlzajRqSnFITTR0ekFuWlNsUkxQYWJBL1pQMit3WmV2YnRTemVzWUZSUzVOZ09FbU1sMzVhWDFjdjVJV0ZJSkx6NmtBbWh1eE9zU0lHVjRTQlB0M1JjZE5vb09kVUFwWjArVWs3T2thT0czY2VNajVQSU0xOXFJbkkvc21hTHh3YVJpalJDb0dUUmpWcnNzcVNEZW1ycTdkM0ZYT2hnNnhSWHFnUnVLTWJuRzBMZ3Jaa3lwKzFpWWV0RjR3THB3dz18&cppv=2
Request Chain 483
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Request Chain 484
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
Request Chain 485
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
Request Chain 486
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=d1f57e1b756ada72b8e9a692e2bd67af&gdpr_consent=&gdpr=0
Request Chain 488
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
Request Chain 489
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
Request Chain 490
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGORxcKBDwOSWzZVqDMErMpiix6Bc6Zw
Request Chain 491
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
Request Chain 492
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
Request Chain 493
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
Request Chain 495
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
Request Chain 496
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=796602abc3a607c7&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP9AMEyzLYAAAAAAA&expiration=1703473354
Request Chain 497
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
Request Chain 498
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
Request Chain 499
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=6448104358935255946 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=9471ba49-594e-5366-929b-275bf71cb811&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 502
  • https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dozone%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=ozone&user_id=k-9i3GmK57mI_Qh2LnBRm7bWjw-4e2DYab-xsBgw&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=0&gdpr_consent=&us_privacy=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Request Chain 503
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQIWLYW6-H-DTN2 HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQIWLYW6-H-DTN2&gdpr=0
Request Chain 507
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 508
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11592&uid=oF42wijvagBY&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 509
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11596&id=1168756271806296904&gdpr=0&gdpr_consent=
Request Chain 510
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs.yellowblue.io/cs?aid=115667&uid=32c247a8-fb6c-4888-bea3-65495c6a7f20
Request Chain 511
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs.yellowblue.io/cs?aid=11563&id=b5113d1b-abb6-490c-b82a-ceefc9163fe5
Request Chain 512
  • https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E HTTP 302
  • https://cs.yellowblue.io/cs?aid=11585&id=3463885546634072000V10
Request Chain 513
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs.yellowblue.io/cs?aid=11580&puid=212393167165331
Request Chain 514
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
Request Chain 515
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=3789845405557970657&gdpr=0&gdpr_consent=
Request Chain 516
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.yellowblue.io/cs?aid=11571&id=36a7f0f4-caef-4256-9c65-efbae82ce7a6&gdpr_consent=null&gdpr=0
Request Chain 517
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6662495113 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/60b38027-9256-4e4c-9c17-a4e547150eb1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
Request Chain 518
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=1e26a1572a169e52a2703326f6a29f37&gdpr_consent=&gdpr=0
Request Chain 519
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Request Chain 520
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs.yellowblue.io/cs?aid=11584&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 523
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 524
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
Request Chain 525
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=191d98afa9c8b70e9edb0757965e136&gdpr_consent=&gdpr=0
Request Chain 527
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGOuTz-nP1UBUOmpYLDXFV0Zelt961aQ
Request Chain 528
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TJzH23PleSyZwIHghBt2hY3oVukuxJuIuiLhCNU8oZ0
Request Chain 529
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Request Chain 530
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
Request Chain 531
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
Request Chain 532
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
Request Chain 533
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
Request Chain 534
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 535
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
Request Chain 536
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
Request Chain 537
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=7e2a1a56304507c7&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP-ANBn5CEAAAAAAA&expiration=1703473354
Request Chain 538
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
Request Chain 539
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
Request Chain 540
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=92c3f4b2-9779-4b1b-b7f8-c8e2a9ef279a&ssp=onetag&expires=30&user_group=5&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 549
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=978477422425422998&bid=omt9pi0
Request Chain 550
  • https://idsync.rlcdn.com/423476.gif?partner_uid=2R9EcIdUapuKrAooi9bGCcfOFZboXb2jW5vGgVd_0Dbo HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=08d75eeb-b11e-4229-ac14-128ed1248a7e
Request Chain 551
  • https://ws.rqtrk.eu/pushpull?pid=6b6d3924-92d3-4998-bf20-3f75688546c0&dmp=6b6d3924-92d3-4998-bf20-3f75688546c0&uid=2KQ3TJ3jnucuzEH0LiJRzpMC1san_sDAmLdOpxesuTO8&cb=1703386954&src=www&type=100&return-unstable=true&g=1&redirect=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dm5ri0ru%26uid%3D%24BROWSER_ID HTTP 302
  • https://ps.eyeota.net/match?bid=m5ri0ru&uid=a7d849ba-207e-49d4-8e6c-a45229312952
Request Chain 552
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LQIWLYW6-H-DTN2 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LQIWLYW6-H-DTN2
Request Chain 553
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2&gdpr=0
Request Chain 555
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PDID] HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0471c56c-752b-4a57-8d10-1zz1703386942
Request Chain 557
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=191d98afa9c8b70e9edb0757965e136&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7315991477537956800&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAFBcU7LDz8AABLjZUYDPQ&dataProviderId=817&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTkxZDk4YWZhOWM4YjcwZTllZGIwNzU3OTY1ZTEzNg==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB2JN6QtivaBiI7zdDvUdus&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Wviw1oMp1RheLa5&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1168756271806296904&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5191779&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720 HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 559
  • https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212393167165331
Request Chain 560
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Request Chain 561
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
Request Chain 563
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/191d98afa9c8b70e9edb0757965e136?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-s2jtZUVE2oMaj.DJRcA3F3A.kfR8BHnFM9Y96TyO~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1168756271806296904&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=229984&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720 HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 566
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 567
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477422425422998
Request Chain 568
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Request Chain 569
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=a340ea5d-5402-4eab-bedb-772822b89e8c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Request Chain 570
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pK69pCwk1RheLa5&gdpr=0&gdpr_consent=
Request Chain 571
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 573
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUfc39824af1b143b68db7786ec1ef5df7
Request Chain 574
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=868629311101
Request Chain 575
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 576
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Request Chain 577
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=N_QqIGVzBdq97zLcTJ-HZQ
Request Chain 578
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=383102425 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/2a116587-9f4a-4700-aed2-14e163937cf0?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
Request Chain 582
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094&gdpr=0&gdpr_consent=
Request Chain 583
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7566733561853016117&uid=Q7566733561853016117&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7566733561853016117
Request Chain 584
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=DF95D64B-0F5A-4194-9DAD-94E25614560D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=992ed80c-653e-41c3-b214-c0e12aadbea6
Request Chain 590
  • https://idsync.rlcdn.com/712188.gif?partner_uid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENZA6eFZGfW-3kj1NDWzWzk&google_cver=1
Request Chain 599
  • https://sync.srv.stackadapt.com/sync?nid=eyeota HTTP 302
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=&gdpr_consent=
Request Chain 600
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=18c99c6265b-45260000010a500f&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dm51mh00 HTTP 302
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=76692478080830854102662236212404619659&referrer_pid=m51mh00
Request Chain 601
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2PGWBgxbMvo6Ha6WHZxdzRBsqK9W3vWsF3hYdsXIIlf8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
Request Chain 602
  • https://dmp.adform.net/serving/cookie/match/?party=1009 HTTP 302
  • https://ps.eyeota.net/match?uid=5535339530113223752&bid=9gdtmu1
Request Chain 603
  • https://i.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY HTTP 303
  • https://i.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY&_li_chk=true&previous_uuid=cf9ca983164b42128a8a47508784042d HTTP 303
  • https://i6.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY

607 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hematologistsxoc.com/ 		200 KB
200 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6a653a32bd85f519b5e2c23df805f1e75ffc3e38b25258ab2c0e6c368f515bfb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
204640
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:26 GMT
last-modified
Sat, 23 Dec 2023 12:15:38 GMT
server
nginx/1.17.3
embedpress.css
hematologistsxoc.com/wp/wp-content/plugins/embedpress/assets/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/embedpress/assets/css/embedpress.css?ver=a6068f496f2e3ff47e1bafcc31613c47
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7a03867618fb91e9f788e31fcf7fbd784ac1a9f1a6ae562a0836ddd40e6228ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:49 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
7143
content-type
text/css; charset=utf-8
addtoany.min.css
hematologistsxoc.com/wp/wp-content/plugins/add-to-any/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:49 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
1463
content-type
text/css; charset=utf-8
css
fonts.googleapis.com/ 		2 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Oswald:600
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86521cf39eb21a3fbb45a89ecb3d1457a06d2bb7c1a952c320ff6d30b1040a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 03:02:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 03:02:27 GMT
main-ac21ecea4c.css
hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/ 		181 KB
181 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b67bfadb26cf6f201e98db8836ce1faa76668a04284b65e03e72eefcf8c50c91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
185355
content-type
text/css; charset=utf-8
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
8584747
x-cache
HIT, HIT
content-length
33738
x-served-by
cache-lga21956-LGA, cache-nyc-kteb1890056-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1703386947.241586,VS0,VE0
etag
W/"28feccc0-17b8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
207, 67538
addtoany.min.js
hematologistsxoc.com/wp/wp-content/plugins/add-to-any/ 		129 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:49 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
129
content-type
application/javascript; charset=utf-8
pdfobject.min.js
hematologistsxoc.com/wp/wp-content/plugins/embedpress/assets/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/embedpress/assets/js/pdfobject.min.js?ver=3.1.3
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c1a86d7c11a5c83b82c7e6f814aff6286a9fe3483b8e0e2c16089370bad4676d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:49 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
13523
content-type
application/javascript; charset=utf-8
jq-sticky-anything.min.js
hematologistsxoc.com/wp/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c78670d74dd4276ebea41acf32ea50bef3e18c35c9f0f85afc929baa14d5e690

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:49 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
7410
content-type
application/javascript; charset=utf-8
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QEJGXRZ2J3
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c6cacf2809a866ed89a752f5491024b15e5b5543bc36ecabce2ad2c04f78ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93761
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 03:02:27 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1015 KB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.42 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eba8f0299ba7901370cbc32973297a0e8f7009283ae12799f8a203d43a66f76a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
1783
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
96.9.249.36
content-length
299734
x-amz-id-2
q0q2uIVnEt6aeqRifzvxt0pKHb8C5IvIIaaT2eEj88FXF8GVCTe73NGXHSwYaf4G4zWkzFTpJvc=
x-served-by
cache-dub4332-DUB, cache-yyz4560-YYZ
last-modified
Tue, 19 Dec 2023 12:06:49 GMT
x-timer
S1703386948.811352,VS0,VE2
etag
"633e20086e1be366d4d9563cb9344900"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
x-geo
US
x-cache-hits
31, 1
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8F83798HVT
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d1738caefd1a5ef3690792319b4ca5bf81ec164763e0f9c79e1c502b114f694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75460
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 03:02:27 GMT
ramp_config.js
cdn.intergient.com/1023088/71020/ 		57 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1023088/71020/ramp_config.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
80adb26bc20bcac160ed3e58f52f6318e363040decadf29b3ac5df1ce8bf8010

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 12:19:26 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
age
52981
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
S57ElQOYqW07FXNsmj4hLeZLSuDPAxXSj9As8R85-GwOezGU1ad82Q==
Naughty-Dog-Shuts-Down-The-Last-Of-Us-Online-e1702599116327.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Naughty-Dog-Shuts-Down-The-Last-Of-Us-Online-e1702599116327.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
2c6c13edd0dfc6cdf09ce79b8f1c85a13eb04a01f73b7f1a57e123518186dd7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
14016
content-type
image/jpeg
PSUGameOfTheYear2023-min-e1701721886933.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PSUGameOfTheYear2023-min-e1701721886933.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
25ea9a9c30d137cd492002b4bdc7d5814b347f22310ce87790af80cce2dbf0a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
59723
content-type
image/jpeg
new-ps5-ps4-psvr2-game-release-dates-2024-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/new-ps5-ps4-psvr2-game-release-dates-2024-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
05a93df0a6058a1a9be10ee21e486500b337da813855c2ef40dba89808b76d6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
45415
content-type
image/jpeg
PlayStation-Store-Holiday-Sale-US-Prices-e1703288985574.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PlayStation-Store-Holiday-Sale-US-Prices-e1703288985574.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f8109d8c2cae96ff237d1be560dd8a8a35db04ff0ead82ae170efbe8d0678c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
55956
content-type
image/jpeg
Versus-Evil-Is-Shutting-Down-e1703275697213.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Versus-Evil-Is-Shutting-Down-e1703275697213.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
fb2dc62dd4b0853651818d86735fee3d4c7013696669679052e5d1d46ef87f96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
12215
content-type
image/jpeg
Like-A-Dragon-Infinite-Wealth-Will-Have-A-Rougelike-Mode-e1703274062830.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Like-A-Dragon-Infinite-Wealth-Will-Have-A-Rougelike-Mode-e1703274062830.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
73399003c6b107f80480ce214391e054479d171061134e7e36d44ce27d66c463

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
58632
content-type
image/jpeg
ForestGrove-1-min-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2022/02/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2022/02/ForestGrove-1-min-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ab498b0fd03bb8d8d965de3ea0b0b891cc6ed8014a6c1559088a8978fbe87b4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
64038
content-type
image/jpeg
MarvelsWolverine-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/MarvelsWolverine-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c33e4d05fd3b17ac31f7de6443baa04c86645acad3c3205cb76dc88d4adb8da9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
53600
content-type
image/jpeg
DarkSouls2-min-768x431.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/DarkSouls2-min-768x431.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
d4fff359736f60b70833f614d85cc605aa9ca6e2794572179f41078e34fe5260

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
50716
content-type
image/jpeg
TheFinals-1-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheFinals-1-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
45673ee28d0594c05670f5bca70994e8bcbeb71e36d268c3e26001986dad84ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
59038
content-type
image/jpeg
MarvelsWolverine-3.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/MarvelsWolverine-3.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
8887de327c1e56dc51ac18f0fe9e38aaafb2723f81c7936bed988d5c1c8665f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
28645
content-type
image/jpeg
LordsoftheFallenTrialOfTheThreeSpirits-min-768x433.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/LordsoftheFallenTrialOfTheThreeSpirits-min-768x433.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
fab6ecd1b1667e2496df1940313f4a3b897eea71a2d99d747d4d5e0989def6d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
73334
content-type
image/jpeg
RiseoftheRonin-2-min-768x431.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/RiseoftheRonin-2-min-768x431.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a56d3b59c47f2456396d102e65e114f1b55310b7a88d7c8714078d5529ec2c68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
41692
content-type
image/jpeg
trinity-fusion-ps5-review-cover-e1703108923266.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/trinity-fusion-ps5-review-cover-e1703108923266.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
d1c9bc09688595392a08974bdce6a8c8a693fd8b8a21d1978e7ec8e853b09ddd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
65489
content-type
image/jpeg
Resident-Evil-4-Remake-VR-Review-1-e1703196723708.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Resident-Evil-4-Remake-VR-Review-1-e1703196723708.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
67b7b5e6d2386205e2170cd9f9c76022d7b20f695a3a0b1d846da89be48ea5ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
59680
content-type
image/jpeg
South-Park-Snow-Day-Release-Date-Revealed-e1703196267692.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/South-Park-Snow-Day-Release-Date-Revealed-e1703196267692.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
465c01d1b74eb5590b78d23db57ed99ffdfa47851b4fffd3b8d42bb8119270e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
88819
content-type
image/jpeg
FirewallUltra-1-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2022/09/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2022/09/FirewallUltra-1-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a1dfe81ce318584fcd27802f24eba4ced954064a815fd918c742087cbdd667a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
25507
content-type
image/jpeg
Is-GTA-6-Going-To-Run-At-60-FPS-On-PS5-e1701898143243.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Is-GTA-6-Going-To-Run-At-60-FPS-On-PS5-e1701898143243.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
200bce5c50e1b652b5a7ac12df35adebb03500109277ce16c7c1c2e5dd5dbad8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
36624
content-type
image/jpeg
Discovery-TV-Shows-Are-Being-Removed-From-PlayStation-e1701717783225.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Discovery-TV-Shows-Are-Being-Removed-From-PlayStation-e1701717783225.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
751a33be0206481f3170813268d08e7f505ef29911cbf068c8f2f3c0374df256

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
17340
content-type
image/jpeg
SuicideSquadKillTheJusticeLeague-3-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/SuicideSquadKillTheJusticeLeague-3-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6fe763c8e384a73103bc6be8939fdff3a8bf7209ec6fa78986f0882549631632

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
45600
content-type
image/jpeg
AEWFightForever-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/AEWFightForever-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
473e0fa466bd2e7cb05557e7b4e2c587de843759b21183af59fcbef533c0ce62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
76532
content-type
image/jpeg
Hammerwatch-2-Key-Art-768x359.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Hammerwatch-2-Key-Art-768x359.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
166d086c02174369f57d0746efc7fd73ae99309b0d6bf93e0c8be8e5efc188ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
52555
content-type
image/jpeg
YakuzaLikeADragon-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/YakuzaLikeADragon-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
69fe9c663db3dda68f05c8ce3e599bf60677bf990ee8e6714368bece02d730c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
44190
content-type
image/jpeg
BaldursGateIIIHotFix15-min-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/BaldursGateIIIHotFix15-min-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
91a68487c7e27c5b087c45dba6ebac09a35d19c919ea99d56d91d2222c0f6f28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
54247
content-type
image/jpeg
Overwatch2WinterWonderland-min-768x433.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Overwatch2WinterWonderland-min-768x433.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
1e8a0c997df4bf02b46955537093e3151316fb3a5bfa88fdc26e04005b9079b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
46973
content-type
image/jpeg
MetalGearSolidMasterCollectionVol1-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/MetalGearSolidMasterCollectionVol1-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
0a0d7a645e0bc972905e0edd908c126fc144a7bb800a18633225b72d95160e4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
39196
content-type
image/jpeg
BlooberTeam-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/BlooberTeam-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e207e20d302e5e5d3bdb5c9b87f17d4649978290c1186daa4bd78417607710a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
13584
content-type
image/jpeg
JetSetRadio-min-768x430.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/JetSetRadio-min-768x430.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
9309517723e71014b801033ca1a77479fc3517aca1e2aaf729490b81b556ed9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
47436
content-type
image/jpeg
BobbyKotick-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/02/BobbyKotick-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
2f0a70d9cb2e3f2780156d39a9c64fc7895e20e5bb7c9f91dc0fd1a49c1773fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
44653
content-type
image/jpeg
Suicide-Squad-Kill-The-Justice-League-Suicide-Squad-Insider-Episode-2-e1703104003382.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Suicide-Squad-Kill-The-Justice-League-Suicide-Squad-Insider-Episode-2-e1703104003382.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
27b32fda4be862baafd06dc963c15107a2a22d756a849972f8656e226e31d255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
41665
content-type
image/jpeg
PS5-4-3-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PS5-4-3-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
4aa07cf20cf99b42eee9c152ba983a4c205b58f5a9dfb7454b68e666008c66db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
23657
content-type
image/jpeg
Tekken8Shaheen-min-768x431.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Tekken8Shaheen-min-768x431.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
235441426daec2904eb81a867cd9ed52dcc5ed728f8f4933fc67499e0bc3da83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
53251
content-type
image/jpeg
TheFinals-1-1-768x402.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheFinals-1-1-768x402.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b962adab27cd2047136e9554e9ff792035da6abb79c4dffadbc90beb8751cd79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
38843
content-type
image/jpeg
PS5-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PS5-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
9d6a462baa17c99763c1187b483d8a6357b3d8df4df370048f526c27c7cd0e64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
49067
content-type
image/jpeg
CallofDutyBlackOps2-768x431.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/CallofDutyBlackOps2-768x431.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6f2ce7fd73bbf192e194c18a1733e5dabfcca1cf0e0ee57e2aac80509ff80589

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
31389
content-type
image/jpeg
GenshinImpact-min-768x433.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/GenshinImpact-min-768x433.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
1e74f4f45676a969d84394cfbe89c4190810f699dd67c8395c6e5df49a052d4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
68496
content-type
image/jpeg
MacWalters.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/MacWalters.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
aaa3c84c6f205c067be1974436d8525c4336896d3c6ad38f78ce80f1a33042ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
39140
content-type
image/jpeg
TheFinals-2-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheFinals-2-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
dd41af8e2f7ca7f8bde5d1bc251657a75088befd032e99048e8ab78bca97383e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
51217
content-type
image/jpeg
PSStoreJanuarySale-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PSStoreJanuarySale-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
742ce3de3eec5b30fb01ae3626593218238efe5e9eee64248def9d71f1824c6f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
37789
content-type
image/jpeg
Revolution-5-Pro-Review-2-768x384.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Revolution-5-Pro-Review-2-768x384.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
29c990d697d0426e92a58ba8e6e9f0a05238ce82ffb1d35bf59377e476e0f59a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
24549
content-type
image/jpeg
Alan-Wake-2-Update-12-Patch-Notes-e1700255460112.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/11/Alan-Wake-2-Update-12-Patch-Notes-e1700255460112.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7c5caf11ff3d9dc047ce7560887eed9dbf7c2185d15d84f9b95bf7a8c9ddeeb6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
13669
content-type
image/jpeg
The-Lord-Of-The-Rings-Gollum-Is-Expeted-To-Get-A-New-Patch-Tomorrow-e1685137586258.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/05/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/05/The-Lord-Of-The-Rings-Gollum-Is-Expeted-To-Get-A-New-Patch-Tomorrow-e1685137586258.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e5df21b86b118b2060395db0adae3498fa5bc03a9b1099d5523be386c05f8ebe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
53444
content-type
image/jpeg
laika-Aged-through-blood-ps5-review-banner-min-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/laika-Aged-through-blood-ps5-review-banner-min-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ba73cb6dde74a5644f44cbc6f3ce86b06390ae061c058c01a27fdc6aa436f8af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
39918
content-type
image/jpeg
GlenSchofield.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/GlenSchofield.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
df26c73a558a211b59df8b4958d1b94024319844ab6ccd589d7b005e76c4e301

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
38284
content-type
image/jpeg
Frostbite-768x428.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Frostbite-768x428.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c21323436e4296de2e6bd11c50151a5ce9ecf227b70e51b1eacdf29b0910cae3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
13252
content-type
image/jpeg
FinalFantasyVIIRebirth-2.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/FinalFantasyVIIRebirth-2.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c1a08a2cc980f7487e08ee5de63d1f9534f4304da803d795a14f034a0522af48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
50425
content-type
image/jpeg
Tekken8-4-min-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Tekken8-4-min-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
0d427dd92c2955e9855d8216bbcd5e73e93e2829e072a7f4cc0d181736e40974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
81082
content-type
image/jpeg
DeathStranding-2.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/DeathStranding-2.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
c2c7fe48398efc2d8c72928bd74ff0a9d9dcb05d4d0a4b4fe439cda65c4e609b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
42749
content-type
image/jpeg
DNFDuel-1-min-768x430.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/DNFDuel-1-min-768x430.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
f9b58c2c20911d76509b29980640957c341a1c0494fbd993415d7ecce035bdac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
67619
content-type
image/jpeg
RiseoftheRonin-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/RiseoftheRonin-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
82e906c703e2ab0f8d933cfed5d207940502d14d1b88b1a268ceddb3f6df5c03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
48378
content-type
image/jpeg
ArmoredCoreVI-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/ArmoredCoreVI-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6b74aa17ffc4cd7da2000803adb835e527c4cfbac35bcad232066a9c5e20b036

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
56561
content-type
image/jpeg
PSPlusExtraPremiumDecember2023-min-768x431.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PSPlusExtraPremiumDecember2023-min-768x431.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
3e5246255c91683b8bf94e40d2131bc9a920de20b8297806bcb3a86d9ac8f8f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
54693
content-type
image/jpeg
GodofWarRagnarokValhalla-4-min-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/GodofWarRagnarokValhalla-4-min-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
d3fea3084320dc8251d6fe5f351e961f749b69d5e3492f189391811e7fdf4159

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
46912
content-type
image/jpeg
MarvelsSpiderMan2-2-min-1-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/MarvelsSpiderMan2-2-min-1-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
9d7b696c5bf435061ff7d6511cbba282c19fb74f18fd594630a6cf0db3b68080

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
47100
content-type
image/jpeg
the-lord-of-the-rings-return-to-moria-rxsxh-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/the-lord-of-the-rings-return-to-moria-rxsxh-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
cbd8b71765c8b3a70e9fcbb62767a74142955d751dc63b9420e953e237245a98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
57893
content-type
image/jpeg
Sea-Of-Stars-Surpasses-4-Million-Players-e1702941598843.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Sea-Of-Stars-Surpasses-4-Million-Players-e1702941598843.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
ae0ff766b8551377598aad2576650716630488cca5582b73442d0616e6cc3cc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
74841
content-type
image/jpeg
Shinji-Mikami-Isnt-Interested-In-Working-On-The-Resident-Evil-Series-Again-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Shinji-Mikami-Isnt-Interested-In-Working-On-The-Resident-Evil-Series-Again-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e2b9d6e3e5160f25b3df947565b4c32b3386d9791d4ea8b6abf07748e66fad6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
32787
content-type
image/jpeg
rocksteady-suicide-squad-game-is-called-suicide-squad-kill-the-justice-league-dc-fandome-panel-date-and-time-announced-2-768x431.jpg
hematologistsxoc.com/wp/wp-content/uploads/2020/08/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2020/08/rocksteady-suicide-squad-game-is-called-suicide-squad-kill-the-justice-league-dc-fandome-panel-date-and-time-announced-2-768x431.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
164e1b351e3edc3d8c9027e739ea318e5081e2412a71c5319c00ffe848d1a465

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
30089
content-type
image/jpeg
Prince-Of-Persia-The-Lost-Crown-Has-Gone-Gold-e1702930743169.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Prince-Of-Persia-The-Lost-Crown-Has-Gone-Gold-e1702930743169.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
36cc4465bcbc56aceb2626aff04eb172e2d04afb1db254a6c1415fb8b3fee09e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
78114
content-type
image/jpeg
Suicide-Squad-Kill-The-Justice-League-Leaks-Leave-Fans-In-Disarray-e1702925390878.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Suicide-Squad-Kill-The-Justice-League-Leaks-Leave-Fans-In-Disarray-e1702925390878.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
3f4f9f99f390d55a9f45b6253d359a253c19b89b72ddccee1e1e73133cc5db92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
57305
content-type
image/jpeg
Predecessor-Key-Art_FINAL-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Predecessor-Key-Art_FINAL-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
60edb1e5ad3cc3b414eb68e5a433dec852b1a830489b182c484e4ce2a36261d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
93773
content-type
image/jpeg
JamesMcCaffrey-min-768x461.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/JamesMcCaffrey-min-768x461.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
abc881cd1633cb8782ad1100a7dcced9cf129f28df9a3e04d1f073f113a7d1fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
40144
content-type
image/jpeg
TheFinals-1-768x402.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheFinals-1-768x402.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b962adab27cd2047136e9554e9ff792035da6abb79c4dffadbc90beb8751cd79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
38843
content-type
image/jpeg
Persona5-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Persona5-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
96732415a8b4bad9e057e060d72452df0f0c31a97fe2c66521447660ad2daef7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
68171
content-type
image/jpeg
Subnautica-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Subnautica-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
29fdc047e398171945256416771e822cc537e2d126a80eb87222b02ebea35055

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
55464
content-type
image/jpeg
FridayThe13thTheGame-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/FridayThe13thTheGame-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
845a3eda0fe11d3d7059b604603d7be7c8932d4495da9287a79f52520f61fab5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
41838
content-type
image/jpeg
Sable-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Sable-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7a9f4ccfb8268a24be863b763efe2b8a7cd275ea6db951aa64881277533832c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
53809
content-type
image/jpeg
BaldursGateIII-2.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/BaldursGateIII-2.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7edfa82045b6497418c19e6552465bf3fb24408d287f5d09a9408ac996ab04ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
90823
content-type
image/jpeg
SuicideSquadKillTheJusticeLeague-2-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/SuicideSquadKillTheJusticeLeague-2-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b162f6c68f346ecf5a7b1316b910b704205b456b4df07f78a5bec72a8a038b5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
52771
content-type
image/jpeg
SeaOfStars-1-768x425.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/SeaOfStars-1-768x425.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
152e18945ad4d2f0bbfe50c9a826606ae00d620643662a2ebdb47837276bbedd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
40048
content-type
image/jpeg
PlayStationLogo-1-1-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PlayStationLogo-1-1-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
1921f67a7480eb686ec7bdf4edc8565bba06952de077aa024c4608ce09ce203d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
12653
content-type
image/jpeg
TheLastOfUsOnline-2-min-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheLastOfUsOnline-2-min-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
093f21006a9e838ba72cbdb602ae00b7b705b261af4cca2bf51bbf2b2ad6b146

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
63930
content-type
image/jpeg
TheLastOfUsOnline-1-1-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheLastOfUsOnline-1-1-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
527fb7cab7e18398c2019ef8dddf417c9b9a481d3074260f1bf69c2b51fc3e92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
55508
content-type
image/jpeg
PlayStation-Studios-And-Friends-Say-Happy-Holidays-e1702683928735.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PlayStation-Studios-And-Friends-Say-Happy-Holidays-e1702683928735.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
abe6195081819b19e4f5b508eacaa8cb2ef7105b6c53092178d97be5b510eed2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
45499
content-type
image/jpeg
Granblue-Fantasy-Versus-Rising-Review-1-e1702677426784.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Granblue-Fantasy-Versus-Rising-Review-1-e1702677426784.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
3b1f82babc0c606e3d91e6112dc502b58f69ceb553b1a6d567788d27c9720ac1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
47437
content-type
image/jpeg
Hideki-Kamiya-Explains-Why-He-Left-PlatinumGames-e1702672899166.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Hideki-Kamiya-Explains-Why-He-Left-PlatinumGames-e1702672899166.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
0a2624ab101e2b13bc7aaac9d1ec38dddddb90e3387a3ef15355cd36181e80b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
34463
content-type
image/jpeg
Elden-Ring-Shadow-Of-The-Erdtree-Could-Arrive-February-2024-e1702670798109.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/Elden-Ring-Shadow-Of-The-Erdtree-Could-Arrive-February-2024-e1702670798109.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a3c424db76a2a07575c0bb0360f02eec621db1707f368e4744b0fa54c8c24290

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
50666
content-type
image/jpeg
MountBlade2Bannerlord-1.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/MountBlade2Bannerlord-1.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
5683732113378107c02329419da2176b5b3e681d2be4b1c5a269e9dbe71fa1d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
64944
content-type
image/jpeg
BaldursGate3-1-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/BaldursGate3-1-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a5097b61069f5fb0c72f5c358ddcedde99d1aa1166c89f461357a7c349e25cf7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
39585
content-type
image/jpeg
TheLastOfUsPart2Remastered-2-min-768x432.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheLastOfUsPart2Remastered-2-min-768x432.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
04ced9017f0f5a24b2059c92b277a25cebd8319caa3f3390f300af7d6b371de6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
39501
content-type
image/jpeg
TheLastOfUsOnline-1-768x432.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/TheLastOfUsOnline-1-768x432.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
527fb7cab7e18398c2019ef8dddf417c9b9a481d3074260f1bf69c2b51fc3e92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
55508
content-type
image/jpeg
DougCockle.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/DougCockle.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a2a8f88640dd1dce9cb9c5e3b62047f63639115b21c07d9ad4d6c3251cbd0068

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
45001
content-type
image/jpeg
LikeADragonGaiden-1-768x433.jpg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/LikeADragonGaiden-1-768x433.jpg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
76215c3c3fe0770878a151c93ef20252a413b6b69d29573c992708bdc31549cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
31951
content-type
image/jpeg
PS5-2-2.jpeg
hematologistsxoc.com/wp/wp-content/uploads/2023/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/uploads/2023/12/PS5-2-2.jpeg
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
9e9de8b805470300611d61c364a8f35e2bbca2068ee2e210f93f7ea7ad83bfcc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
29438
content-type
image/jpeg
ramp_core.js
cdn.intergient.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c64439087e84a219ed78b73ce094f38bc91d28f10f94af0608ed7c7ae60eab41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-lambda-function
us-east-1.pageos_production:306
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
7Fv-wczOHZ9hfQnNgj5srYHW0U2UoIgbY7HSen43_nNN7V0g4uYLtA==
comment_count.js
hematologistsxoc.com/wp/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
708
content-type
application/javascript; charset=utf-8
front.js
hematologistsxoc.com/wp/wp-content/plugins/embedpress/assets/js/ 		807 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/embedpress/assets/js/front.js?ver=3.1.3
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
b1bcb6b8216705e7126d9637f51be025195a37b4119355328d86e1ff0b35519c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
807
content-type
application/javascript; charset=utf-8
stickThis.js
hematologistsxoc.com/wp/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 		524 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
aa79ae929111a2fad6a54befa4e9158d8be3df0ff5d998cb4dde42d4b26d4da8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
524
content-type
application/javascript; charset=utf-8
main-6083bcef73.js
hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/scripts/ 		192 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/scripts/main-6083bcef73.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
4c3215011bc54f21cd9d6b8c96759c5b177efdd5d111c1d395099700d7106860

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:50 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
197081
content-type
application/javascript; charset=utf-8
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
725
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"1360f39ce298a46ab4d839930011f62c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY1TkxJHw54y%2B2y55XYeYr1PSj4ZjEv1Js92f0EqUsxA5ejjnm%2BC1uOE3ZiBs4LJbw7ciGCLt6iQgiBCKjBInrUMne58c725cvT58qJ%2BNZaktqnVYEkteMpRFOvSm5gYhrTAalQU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
83a59b07df994bcf-BUF
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1023088/71020/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ae7050527c8098114ecfea1054745909fc497277838b3a743823607b72dbb9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29089
x-xss-protection
0
server
cafe
etag
469 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 03:02:27 GMT
prebid.js.br
cdn.intergi.com/prebid/ 		441 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1023088/71020/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbec0abb011cb079a1888271855ba672f6a546f14d4ce795f81ce110beb9704a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 19:30:43 GMT
content-encoding
br
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-version-id
bZSptxSeUDiPsSmIilCqiRfOIxyi9Ldn
last-modified
Thu, 07 Dec 2023 14:31:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
27105
etag
"8dbcd7cbdf5dceb05f53ccb74d2ae477"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
119220
x-amz-cf-id
M0Bek-dKrH885kEHw0gFzZPKLHX5IXHgN-qnw5v0MMw0AqK8NffvJw==
playstation-pattern.png
hematologistsxoc.com/app/themes/psu-foundation/dist/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/app/themes/psu-foundation/dist/images/playstation-pattern.png
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
55d28b3e5a6dac1af7769096cc8b42b6776a0eef7660dbf2e7c0cba16777385e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
4099
content-type
image/png
TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Oswald:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e88658b8f36bddc0a8b1f24a0016ca32bb15c1cd5bd6932057e2018baa52ebe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hematologistsxoc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 04:20:46 GMT
x-content-type-options
nosniff
age
340901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12728
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 04:20:46 GMT
line-awesome.woff2
hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/fonts/line-awesome.woff2?v=1.1.
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
063a952901506e6cbcc2abdd1995ea387e4ae9138993f5517834a75faee165d0

Request headers

Referer
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
Origin
https://hematologistsxoc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
45108
content-type
font/woff2
pageos.js
cdn.intergient.com/pageos/1.10.29/ 		1 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0e53b6325da9fb22a6fd3e8c9e26e489f5a3946ae21a85e98a60bc408ad80a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:27 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70441
etag
W/"c2cfb6dfb95142a64e1fd76ae689352b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
SmzAVZj41Byiu4yj2l4mbTruf2uJzUtztGwoPdJrS_65ZEca7XkfRw==
runtime.fb34e3885634be3af149.js
cdn.intergient.com/pageos/1.10.29/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4419248bade3a81f5bd3ac9518c012b9d66a6a72ac3e9b3b32150b029afa7b36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"3d746e22714ad3d611e9a01c47a322ea"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
u8MFCBvHW2reSFU6CympZTXzLyh9WUbt4kXi7wRqBP3Sm1lgsylUSA==
npm.babel.931f47f9f962263dd357.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.babel.931f47f9f962263dd357.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5b7159b991308f2fd94f48ad5974b3706a59621c213dee55f87512f8ea48075

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:28 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70440
etag
W/"f5c35176b6b2c3f8855694cc611d2cd1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
LPl-hVgQzx_35qKOHQOBv-K7GoRGqrKQv1eUKU6R1R4LOKGfTe12pg==
npm.core-js.117e0ab6d8f5b9d34ba3.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.core-js.117e0ab6d8f5b9d34ba3.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f4b36034f6579da123046b67d4d27d0037ae9bf220aa9a1c68a853ffc62d624

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"d93d7ad9d54ce4dfac0620bf650e6439"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
VBHTQWYc2CBR-UebwbOXxpdYC-m-li-Xpo4feXxfdhp3Vw6gwBEsxw==
npm.node-forge.1da8e219198d7508b389.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		274 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.node-forge.1da8e219198d7508b389.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76a9dac2cd4f474abcbc8cf5b09851add3cc839545bf015e718ebb3a7e74266a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:30 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70438
etag
W/"07aa458cdfef8c93152436e3cbca6b52"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
kVup3lpqI5S8TY1EbADu4rGR73-NqUPcpRIC4ok7pts1m--3jXeb2A==
npm.lodash.53693ece8687496b1b3b.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.lodash.53693ece8687496b1b3b.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75691728a1c9acf8b840fd1fd028809b9d08cd068c43f75221dd6651e2e39090

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"a906b2362946a4d0157c37c0b5ea6558"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
DPVwVR2_GCpHJ7RWUaKP9od1SSxIpY-4FxqPojgH6Cw3MY2WXqzKnw==
npm.tldts-core.49dcd4988d4852a55563.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.tldts-core.49dcd4988d4852a55563.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d4fa518c70ea18943468b4f5093e6df5cbcc2307cd4efb0dcae6dded5963ec8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"0c0f667d012055f06128ec3cfa173b75"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
4EHxBHoCg8gfISG7fPXFR1c5ZWb27v5lv2CoZnRiSwFgH7oxtGuVHQ==
npm.uuid.1ed3e6e8fd2e9ed632ca.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		1 KB
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.uuid.1ed3e6e8fd2e9ed632ca.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61791124e32c348e2d914fdc3d400225de1f0f9d2a741bb53ec7c065468dcfe8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"8a1fe01817afc854527392c0c9b2b702"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
0lIxyu6Giq37qRGd3QQDlScvl7kuej3wfCT2Oe3-l6Xv3It7S6-Ssg==
npm.tldts.58df92d35064febc5180.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.tldts.58df92d35064febc5180.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c539feb89b124bb756d1bda6c27dc28abb04130d766b5645b1ca3234f4d327f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:30 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70438
etag
W/"e05bf1768d0afb5465c7c4bd50dd38ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Ir0HxNBWJWhMHNQUxfXCymzF35FMTxGwkKbb1pXPNc2Oi-Kw5-LdYA==
npm.ua-parser-js.69879e68322e7080931d.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.ua-parser-js.69879e68322e7080931d.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
804eba2d87e0f54467ba39b62d79252b853e91fd430ca8f142834784bf8a8154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"a117a41826c48e23be2f6b3fec5d9210"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
eJSlMAf0qPe164rLm7Oco7CU3-9Dd7Ip9Naxt1QavpbiMgMrSMetdw==
npm.intersection-observer.bf965418c2b103f16084.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.intersection-observer.bf965418c2b103f16084.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c64b4231b22e466a3938f937fa9ba0a0a747adafcea4f07a0814a81a4e5b1d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:25 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70443
etag
W/"adb426bc30848f4dd346794392d03c80"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
PWONIeGykJ08AFp723NtQ8oprKcUoHtQhtggEKBk4xSZNKhISqe60A==
npm.ieee754.7aca64a358fb19dfd85f.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.ieee754.7aca64a358fb19dfd85f.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bd0d458b6232554bbf560c1faf1215de00eff3b07d32af68b40ec202464f914

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"aaf9244ea6938209edd5ef07176342b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
BAWf7hkxhsKkqQ1pKbKEOpE-moC_0J7yit5mqS7BNKecGumWtdklnw==
npm.buffer.54731ebfae6a175b7898.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.buffer.54731ebfae6a175b7898.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d907657f7138e28542d27bd08c28d794d4d82fbbf13f34ab3ccaea61f84fe4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"8847c6637db006b5db32da6899f440ef"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
g8BzwFn3P24qd8-TQB6Edbbp9WQgMRkuAkKfJlP2aQeJNo1daCPYiQ==
npm.base64-js.e1a1780355e1cff93d81.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.base64-js.e1a1780355e1cff93d81.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58111e9341b58618f475848342ae62c313b3d729952a373778d940fdc97f9c0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"5dd07f52d5fa24a3bdbe81d5040fa382"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
BP7OS2yqfErrxaK8x48aUae-iWB_jm-Jn9uzx4VUrM-a_64KzjpGQw==
main.04fc3f37606502080be5.js
cdn.intergient.com/pageos/1.10.29/ 		148 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21849f75dce1c267ca1106443d5aac619e2128aac89eaaf47f81e18ca07f71d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"05a8ef2efdbd72a3ac26e027e26e8d14"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
g6JKIQvTDB-6Sgs4SvB3G77JOJYGuLbrmaz3d6DyGLgY_N39TUnKlw==
sm.24.html
static.addtoany.com/menu/ Frame 3F12 		677 B
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.24.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
1897
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
83a59b085fc34bcf-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzIIGe9qNOLVuT0r7dv%2BClrIZ8IjAuAS9moZipSnjipUAJtboQ6SWuxbRq8AjBVflNWsqSHB61QJRcnGmgEpcHJrfC%2FttTamlbExeS3uWtukTqf2bBLYEqCR1tZipw%2BuRuSX1FD9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.0lg1QMGN.js
static.addtoany.com/menu/modules/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.0lg1QMGN.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hematologistsxoc.com/
Origin
https://hematologistsxoc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f7a2848ba5154bff921586a6e44f406d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD2yU5%2FX1jmxZj%2FgUQAnUDnmmGfVVhJQ39ThLB3r028ngdS%2FFaupgWg1mLb7AKNHzK0ckMhZvvqgMU5wwBymnHdpZdJ95BuzNLU91CgSa6GRi9V6EtuA67HDIvnuX5d9wByVRFlrZc%2FMyO5dQW2UI8ok"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
83a59b089b964bc6-BUF
count.js
psudisqus.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://psudisqus.disqus.com/count.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/wp/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
138
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 19 Dec 2023 16:18:28 GMT
Server
nginx
ETag
"6581c254-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
1S2aHt54Ot_bv9j3k9vCljia1uuaWxWxE6JoQ5b5U2mhDq2morBnmg==
collect
www.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QEJGXRZ2J3&gtm=45je3bt0v9131706422&_p=1703386947690&gcd=11l1l1l1l1&dma=0&cid=1681994010.1703386948&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1703386947&sct=1&seg=0&dl=https%3A%2F%2Fhematologistsxoc.com%2F&dt=PlayStation%20Universe%20-%20PS5%2C%20PS4%2C%20PSVR%2C%20PS%20Vita%20News%20and%20Reviews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QEJGXRZ2J3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8F83798HVT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QEJGXRZ2J3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
801bb99d513023d8ba15da886ae92f9dafa9337a376252e6844adbfb1f0ad349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75461
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Dec 2023 03:02:28 GMT
content.html
hb.vntsm.io/ 		32 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
cf-cache-status
MISS
x-amz-request-id
EW8FHW4QJX77MXSX
content-length
32
x-amz-id-2
7IRncy8cqGrqDIw9JborhxpLgMJIcXzL5m6Sz0WEFr8QgbcEK13wwelkgf4qChYEQrrHqA5Albs=
geo
US
geo-subdivision
US-NY
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83a59b0a7d9d4bd8-BUF
5d443c779ad51d436ff8d7e9.enc
hb.vntsm.com/v2/live/ 		69 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/5d443c779ad51d436ff8d7e9.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.42 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c37817d11dd4ef72466eaf2ed36f98f0c2edc8eb97d7b0a843d350e2b7281021
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
venatus-cdn-hb-rule-version
1.1
strict-transport-security
max-age=300
age
600
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-ip
96.9.249.36
content-length
9340
x-amz-id-2
zkj5w/PxZJInXSGtlXKV85HWcp5/kI8JhcTHSDE/OhgBzu5tYKBWHaNrwRw0Dg+jIG5wa8mzSs0=
x-served-by
cache-dub4331-DUB, cache-yyz4567-YYZ
last-modified
Fri, 15 Dec 2023 17:44:45 GMT
x-timer
S1703386948.179022,VS0,VE169
etag
"ea433f467627cd1ade55efba8cdd6641"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
x-geo
US
x-cache-hits
2613, 1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 00:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
9415
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 23 Dec 2024 00:25:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		65 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hematologistsxoc.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3a9370e1f499de402991f4ab8a0154e48c135a127827b780d3a21e3f41241a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
x-xss-protection
0
expires
Sun, 24 Dec 2023 03:02:28 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-8F83798HVT&gtm=45je3bt0v892168995&_p=1703386947690&gcd=11l1l1l1l1&dma=0&cid=1681994010.1703386948&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703386948&sct=1&seg=0&dl=https%3A%2F%2Fhematologistsxoc.com%2F&dt=PlayStation%20Universe%20-%20PS5%2C%20PS4%2C%20PSVR%2C%20PS%20Vita%20News%20and%20Reviews&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1703386947708&tfd=1542
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8F83798HVT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoCard.e9a12be02bf0a5088f3e.js
cdn.intergient.com/pageos/1.10.29/ 		554 B
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/videoCard.e9a12be02bf0a5088f3e.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:37 GMT
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70432
etag
"ce3cc474e63b7f656de18953fb710c43"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
554
x-amz-cf-id
3-ij0bYwA9ElJRnGtcVNBwetDbe3hjvW_eiuQn5LBRQ4yLeW1yaSMg==
batchHandler.2df46c486d723860096e.js
cdn.intergient.com/pageos/1.10.29/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/batchHandler.2df46c486d723860096e.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e44bb0945f31eba7a6d9b3bfceddf8601f0f590278bf4fbb5c6b5968648c4b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:28 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70441
etag
W/"3a21b9b20d44f8fbd198ec3c39cafff9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
4P41vb4kJoL6H_NZXydSmYc9fWBgaBWklJessoR_DJBBiVIHbh8L5w==
styles.css
config.playwire.com/1023088/v2/websites/71020/ 		724 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/1023088/v2/websites/71020/styles.css
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:bc00:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
096032ee859f5e6a55404f402a3ab0bbccf727246b2e41290e6eb6ebccfab672

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:37:15 GMT
via
1.1 vegur, 1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Cowboy
x-amz-cf-pop
JFK50-P3
age
69912
vary
Origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703317036&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=TQ6qLc8T944%2F%2FE1TJ%2FLN9uClcPdE%2F0hDu%2Fdz4dPQzfM%3D"}]}
content-type
text/css
x-cache
Hit from cloudfront
cache-control
public, max-age=86400
content-length
724
x-amz-cf-id
er0s33PTcaK_pkDIfltD5-iEuei5GdiUwVoSnE7D-HYcokBbx_zy8g==
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1703317036&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=TQ6qLc8T944%2F%2FE1TJ%2FLN9uClcPdE%2F0hDu%2Fdz4dPQzfM%3D
iframe.html
cdn.intergient.com/pageos/1.10.29/iframe/ Frame BC21 		498 B
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62559016ebda1c53dba450764062fa6a5e716dd217d121a90821cc473fb97243

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
70419
cache-control
public, max-age=31536000
content-length
498
content-type
text/html
date
Sat, 23 Dec 2023 07:28:50 GMT
etag
"29e042a33ab77a24dc0425380c53d7be"
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id
sH4X-n16SHsn9gGsdkHcT73E8twXCNCIeUrxdfJqaUWyFgVyjxYMGQ==
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
USA
impression-inferences-edge-prod.playwire.com/websites/71020/v1/Sat/22/desktop/Chrome/ 		239 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/71020/v1/Sat/22/desktop/Chrome/USA
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-107.ewr50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d02702b2bb851c27f83ea7e0e1c42d09b932de881a93fa72bb4f18362c13af42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:00:38 GMT
via
1.1 110142bfecf028552c3361846a29130a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
age
110
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600, public, must-revalidate
content-length
239
x-amz-cf-id
6P5fEuxu2oacN7ELZIZLuU3LKS3XBoRchbKNGUUnDfS5iqroDGUAQw==
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:54:27 GMT
content-encoding
gzip
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront), 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK50-P3
age
482
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dadUOffAW4MOPDHwYq1vJYpb9nXWhwh3WPb0f8C9YT_OYWPmWxsKvQ==
nielsen.d2ea0d333dd6c1f47d23.js
cdn.intergient.com/pageos/1.10.29/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/nielsen.d2ea0d333dd6c1f47d23.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:28 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70441
etag
W/"70341af160996aa15aad5fcd74fdda2a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
R6Udq9ml_w14-i769B21Z3mpqx67uvkuM-tCwMgG12LddqkoTgUL_w==
moatheader.js
z.moatads.com/playwireprebidheader597261727146/ 		115 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.210.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-210-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
84dfaddbf8131076cd650990f063bb5c915dd5f32bbc92b36d3acc99c0333fdf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:08 GMT
server
AmazonS3
x-amz-request-id
FFQHK68HCXBYQ1JZ
etag
"b32f4eb5e53103b6d2c6962c3cfebd65"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=54618
accept-ranges
bytes
content-length
43783
x-amz-id-2
cU9tayFdnXp5mUf5ttAnsOh4clFABfhW1Uo6ocnHB28PYsrQaGHvGAxgCTpa0PJg4vo+QBarEvI=
sync.min.js
tags.crwdcntrl.net/lt/c/17138/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17138/sync.min.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb5a0b8fcbf1decb1e853e023fe85e46412ff5b0ee8651e9fca53e647ad4db9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 13:43:41 GMT
content-encoding
gzip
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 16:08:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
47928
etag
W/"e58ede9df83358c5264710a9117c0471"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
IwINtNDpcGCef37hU2kT17a7VJxDoLBh3rxRROWEi-8wiPmwSnDL4A==
ajax-loader.gif
hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/images/ajax-loader.gif
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
480f5e86198e1ac52312cc345faf38720bb2e301eb626e8a6f637f546e131c32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/wp/wp-content/themes/psu-foundation/dist/styles/main-ac21ecea4c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
last-modified
Sat, 23 Dec 2023 12:15:53 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
4133
content-type
image/gif
main.js
hematologistsxoc.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame 7073 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hematologistsxoc.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.245.73.198 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e009e2d2af449caf723ed6395aa52c4054759d7e4d35e10b5a4ca9f74699c3f5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
last-modified
Sat, 23 Dec 2023 12:15:51 GMT
server
nginx/1.17.3
accept-ranges
bytes
content-length
7341
content-type
application/javascript; charset=UTF-8
content.html
hb.vntsm.io/ 		32 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
cf-cache-status
HIT
x-amz-request-id
EW8FHW4QJX77MXSX
age
0
content-length
32
x-amz-id-2
7IRncy8cqGrqDIw9JborhxpLgMJIcXzL5m6Sz0WEFr8QgbcEK13wwelkgf4qChYEQrrHqA5Albs=
geo
US
geo-subdivision
US-NY
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83a59b0c4de64bd8-BUF
ats.js
ats.rlcdn.com/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-125.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding
gzip
via
1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
date
Sat, 23 Dec 2023 08:08:19 GMT
last-modified
Thu, 19 Oct 2023 08:25:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
68050
x-amz-server-side-encryption
AES256
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
P-Zr204t6PDMik_qkz5OZixhAMyvpC0t-ACgQ7abg2s0Wn8u_MDQaQ==
iframe.js
cdn.intergient.com/pageos/1.10.29/iframe/ Frame BC21 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/iframe/iframe.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/iframe/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d6ba9f0ef4650d36ec24679ff25d4e8b5a198b726e35a544192305eb9b6f6ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.intergient.com/pageos/1.10.29/iframe/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70440
etag
W/"18272a08d0b7f1b30c4fa4acc25b73cb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
YycMp11GG6O4izHnHd2RGUfPlPUApbqE3qB-euwBaLvZzHDKzqX0pw==
aws-sdk-kinesis.min.js.br
cdn.intergient.com/pageos/js/libs/ 		227 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/batchHandler.2df46c486d723860096e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:28 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 19:02:54 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70441
etag
"575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
57858
x-amz-cf-id
ldZPtjGaRpUimccfLlL_V2G7k9bSXFemC2DqpH3Z1RGkbMixrn6ohw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:34:40 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
5269
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
c0ROhbIsSGrYVuwLoXe98f5EtKwuAeiL4CJa0OnWviGGWUL1m7LBFg==
bd056b42-51db-43ce-9a8e-3b11319b5d1f
config.aps.amazon-adsystem.com/configs/ 		564 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-67.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
4afbf2acf0f7c04bd35576ff5318205980107f927ee3c4ad7725784a98f7f3d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:55:47 GMT
via
1.1 29117767a034875a8b49afd641f25d82.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
401
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
Rn9b22f5uhlvn_ScO7w8I27sm3IW2ttCST7sSvUcojRWLphXwzKOaw==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fhematologistsxoc.com&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 01:34:39 GMT
via
1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
5269
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2862
x-amz-cf-id
K5PoDpiH2NFgQMK_zVEjXD6H-dxeR0hFkqlaoym9udvBDnE2sW_u-A==
px.gif
ad-delivery.net/ 		43 B
916 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABPtcPr6ca6MaNshbrtA8zfTHW_cQGDynG0kyLNs3zleopcpceh4DM41LFahzhYarCpHhujoaZVC6oqPBA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogYvAHJ7KB4fjXMJJLLsHwIpDam%2Bq3lriiB3Yd9Bcw7O%2F0oEXhVGNbUoC7Oh04paQ294b%2F%2BefQEfbT%2B0gxJexSEpxM7%2BbBXzCte11hEtx6LedppqzLXx0l1C2iFpdWr6kSTB%2BNlTLjv9JXQ0lw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
83a59b0e6ce34bc7-BUF
expires
Sun, 24 Dec 2023 03:13:39 GMT
v2
mb.moatads.com/yi/ 		251 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mix2djWwZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-DQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fhematologistsxoc.com%2F&pcode=playwireprebidheader597261727146&rx=450994739280&callback=MoatNadoAllJsonpRequest_56349438
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a11756d12f15ee66f5bba8b0e3eda45c0b75128d3686ed63183fe4b747ac1cc6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
server
istio-envoy
etag
"ff5aead884e87053affd5514aa665f92c0ea03c5"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
37
timing-allow-origin
*
content-length
251
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 24 Dec 2023 03:17:28 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 15:47:08 GMT
content-encoding
gzip
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
40521
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
du2wC_qyyXbSm3ZtoNXBKZom9GeKIa7BqqacrAyWVRmuppbzfZsjtg==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
KNY29QN45MVGW8S4
age
2860
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83a59b0f29b44bcf-BUF
x-amz-id-2
mBalHHT+POONn3rG2rjjcverig52+u65oL2xnTphyM9XbtgQ8esnFmFV5NAbPDdalZBT7I0zLzM=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:28 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Sun, 24 Dec 2023 03:17:28 GMT
/
geo.privacymanager.io/ 		30 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 06:25:31 GMT
via
1.1 7dc4818c830423900ae855831181d2b8.cloudfront.net (CloudFront), 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, EWR53-P1
age
74218
x-amzn-requestid
34f8ad15-6fce-4bf9-b8c2-bce37a969c21
x-amzn-trace-id
Root=1-65867d5b-1ececa8116651dbb300e3bc3;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
QYiGSFhADoEEoDQ=
content-length
30
x-amz-cf-id
zXEoMn09GVntpIHIQ-91JDp869cthYiIGbZQU9HGGpr8cFtSyPKWPQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
npm.tslib.a525f4431df01363b9dc.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.tslib.a525f4431df01363b9dc.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0056b9e206cc0e68ceb7560a8b32f0edbbb01df097125b75f85866be361be3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70440
etag
W/"967e69fd7d057976c10ee76c74f91d33"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
q9BIfK8px5yHgMNEiH8gS-gy98Uahw6_vKcbnYdfZDYHzu6X2cCl2Q==
npm.fingerprintjs.f1d959000bcb8de9da56.js
cdn.intergient.com/pageos/1.10.29/vendor/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/vendor/npm.fingerprintjs.f1d959000bcb8de9da56.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c894b361bd611c760e0fd7fc99923e77145a91b345d294d0c2b764e8bb29b02a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70439
etag
W/"08aeaf98e3a2c1549eeb327e1de1b1dd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Ydzs8arWRWEBhyQyKwbKLtl-CqhBQXMhz9yXVytunwlxKVYnafV6Yg==
config.json
config.playwire.com/audience_segments/ 		267 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/audience_segments/config.json
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:bc00:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
157515f54951254d757376e5447d5ca9ef4f71f861689656d4fe2bb7ef441e40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 08:39:13 GMT
via
1.1 vegur, 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
content-encoding
br
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
JFK50-P3
age
66196
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1703320753&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=7GQEdkrWERcuMp4eYkNiAXzBl7U0TGPY3DpMw0mEmBY%3D
server
Cowboy
access-control-max-age
7200
access-control-allow-methods
GET
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703320753&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=7GQEdkrWERcuMp4eYkNiAXzBl7U0TGPY3DpMw0mEmBY%3D"}]}
access-control-allow-origin
*
content-type
application/json
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
US
vary
Accept-Encoding
x-amz-cf-id
av0Oy0Yhhvom3I8hqCyEqz3AS9AeKBM32r3n7OfYs0gEpAy9Xarxzg==
123.ef2b404040af9235900f.js
cdn.intergient.com/pageos/1.10.29/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/123.ef2b404040af9235900f.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58688e3b6c0e8285a9e9a2252bc1ea25a49a3510fbf198519caa315f61d5187d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70440
etag
W/"371a8bcb6bfe9fff5fa49e1b098651be"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
b0Wn26xexTKshThj6Ecx-MOhoSDbfC2zxEcw3_vBRY7VhNhfQ4hCcA==
script
carbon-cdn.ccgateway.net/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carbon-cdn.ccgateway.net/script?id=hematologistsxoc.com&parentId=5bb3e20859
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
da07e9a9eb3a5cc11ce9390e2e16ad61add709f4ec7bb2d99935f88d9cf8d2eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
private,max-age=900
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
392.0dca8d686b62772b8ddf.js
cdn.intergient.com/pageos/1.10.29/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/392.0dca8d686b62772b8ddf.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d51a0d59102580d344430382426c071607c31f319b4753d4c0730761cd28c8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:29 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70440
etag
W/"fc23f3dfa21f08c491aa3ca0581db846"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
YGELpUT2bDA913dUSQNBX2kw8wjJDiP6mK-uXWNahYyZ9wn4nUEGRw==
trendiVideo.6ba975a6d786595ece89.js
cdn.intergient.com/pageos/1.10.29/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.29/trendiVideo.6ba975a6d786595ece89.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/runtime.fb34e3885634be3af149.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:b600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f825b6412127a791a0c94fc9c1607def12326ed8422ab48b95c5ced4d11aae5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:28:31 GMT
content-encoding
br
via
1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
70438
etag
W/"b0f1d748abc6fc480fe66c9a3cf4db30"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
bERWaqxME4tr_eCHbZe8mLTiztLYfC7wvNs1973W1K4GFvR1sNjXHA==
tyche.js
cdn.intergi.com/hera/releases/4.10.4/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee646a16b300650f87e8e31e484dd268861c8b2b3dc0bbd72b43fbe5f520f09d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:58:04 GMT
x-amz-version-id
XUvNncH10a0y.1cc3IXYDCBpq33y4v4T
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
176665
etag
"66a8694e1261fe258942fb27113c2247"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
930
x-amz-cf-id
zD4ODrxlcuWMAQueVG6x3_7xGHQ2PlAA8XZjKqIPgEy44xJHwpZTwQ==
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://idsync.rlcdn.com/712453.gif?partner_uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
  • https://idsync.rlcdn.com/1000.gif?memo=CIW-KxJDCj8IARDptAoaN3VzZXJfMmQ0NzRjNDYtYzI1Yy00MTJjLThhZTAtZjI1N2Q2YTg1N2NmXzE3MDMzODY5NDg4ODMQABoNCMW-nqwGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&rand=09823624
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&rand=09823624&expected_cookie=c63f001b-2e4b-4eae-8f56-6d1327dacc7d
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&rand=09823624&expected_cookie=c63f001b-2e4b-4eae-8f56-6d1327dacc7d
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 92AF718E1D4147ECA9B0D5C9948D3E44 Ref B: EWR311000101021 Ref C: 2023-12-24T03:02:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNOK4OfgPu6c1kfZzFfg==

Redirect headers

date
Sun, 24 Dec 2023 03:02:29 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2ECF3F9375F249A1BCF80B4056836AC2 Ref B: EWR311000101021 Ref C: 2023-12-24T03:02:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=d5ab3ef661e2078861d7ee513c9b710e1fe15072c98483f768e22b4fa03fccca791426b5417dce21&rand=09823624&expected_cookie=c63f001b-2e4b-4eae-8f56-6d1327dacc7d
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNOK4Lo3O1aM8bkWgb2g==
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
  • https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
1ca0c1365f17447e34b7d0baf8684ac2b3fab17ba4cb728aab5f7ca66970ad37

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
1211
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
map
bcp.crwdcntrl.net/6/ 		115 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17138/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.234.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-234-246.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2e5f9d1e4098f2aa81e777d1a16879c32ee944a039fb1f09c8b4bac6327ce5bb

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache
x-server
10.40.2.160
access-control-allow-credentials
true
content-length
115
expires
0
map
bcp.crwdcntrl.net/6/ 		156 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.234.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-234-246.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ff5213f3dc3bcf8ff080cd7e7fb64e77d3667f037add7576806d660da752827a

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache
x-server
10.40.7.7
access-control-allow-credentials
true
content-length
156
expires
0
runtime.453bc0175ba4fb0dbae9.js
cdn.intergi.com/hera/releases/4.10.4/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/runtime.453bc0175ba4fb0dbae9.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d614edeac6f54e693b67dbace5e6c59e582a74982c882cbbd0693b760d5bb37a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:40:48 GMT
x-amz-version-id
OrIm431ioWAQ1JkLXeGBuztZVwy2VMeE
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"4d479eba63c273a73aabdd788dc71b20"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303702
x-amz-cf-id
Zfr77HIENTr_-ngS1ykP_9LVFLD50dfIctrcUiPdCy_KfvLvv-1WPA==
npm.core-js.0febe481e216d32cc862.js
cdn.intergi.com/hera/releases/4.10.4/vendor/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/vendor/npm.core-js.0febe481e216d32cc862.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d150a2f5a244e0ae65f42f6d7d9f60c8ba403524b0f398fcae2984e0c606d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
NZLkbBY.qmOW2cFy_UOa97EnNBazar4N
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"a290cc5d3b6fa9fd7d9ddcde337cad1d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303312
x-amz-cf-id
7WMsQnWr5gKI1gmWNlEDp_O8W3Mcl1Zwf4rLw4tQ6Hi70SbFdtBP0w==
npm.babel.710695bfdff5d3f32c7c.js
cdn.intergi.com/hera/releases/4.10.4/vendor/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/vendor/npm.babel.710695bfdff5d3f32c7c.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8c69eade84d852ca05c160dd196bf2f8ce92082e81eb4182f6ee76fbcd12cae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
hYD7jEyUGdU3T8po6FGpEo_EBXoJ5GuF
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"fa4730175a98f5d8dfcead93ebdeeb5b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303312
x-amz-cf-id
NJnuBUu0wm16mxpyJR6KhOW2Y3jH3SrjWleUv--Kht2gHP-KheMtlw==
npm.lodash.4f9a9c517903a550f8ca.js
cdn.intergi.com/hera/releases/4.10.4/vendor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/vendor/npm.lodash.4f9a9c517903a550f8ca.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff535025543261ff945ed6ef924a7fa83ab5d8c45d5ecda5443f0e41ba376651

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
.OaQBQElagAgfMQiYXLbMbuQGg2QaN2g
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"b06b9cf7e43cb99c4e91e088aef6e120"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303312
x-amz-cf-id
h8fahnpfyCikMK6S0yjntAv8ItiQj0qK1BHnK1zoMTZsdb5S79Rt0A==
npm.intersection-observer.8a75150af1963d7509be.js
cdn.intergi.com/hera/releases/4.10.4/vendor/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/vendor/npm.intersection-observer.8a75150af1963d7509be.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6802e8a7ef65daf42c9cbaedb523345b796d33754e13f336d5e8e26ef75069e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
Zm7lw4jmcmABEkCbJExFv_dt_dNKgU2n
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"ab837a362b73121a34607781a8dbb5f4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303312
x-amz-cf-id
smzEk4JGd6brw3xvViYBTGaDaWiWQu_ygJ6KUEJ6kpEOY4QrZ2i3eg==
635.77549019adbd2a9c886a.js
cdn.intergi.com/hera/releases/4.10.4/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/635.77549019adbd2a9c886a.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b24b986f8a5332274f4088dfcc3b5c309f78a0e104d908ca425e7bba73fecc38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
xrpVyqYhB.167.Ujqn73ZQ4OA3_gw.oe
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"17c5dcc859da46289077ffde25c84de4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303312
x-amz-cf-id
_tqoldsiJ1roZiNorvd-stGFzw7ZdZs9IUzak8AHF8jIjgtBk9XapA==
main.3e8190c2ca70a96bb73f.js
cdn.intergi.com/hera/releases/4.10.4/ 		175 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/main.3e8190c2ca70a96bb73f.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
678884f5dc34dd9d9f69c78fd08d6e95ba39a309195b4687e5c5971f2d55899f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
B3l43x8dVf.cXbPtsz_Os8UYHQh_R3mj
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
etag
W/"3249ab43b3a2d926c563e3f6b900f11e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
303312
x-amz-cf-id
WasJXxW0lbOh_XoiaTLG7DlBLwtdBkNrN6Dk540_9Kkis1TpleIOng==
lib.982ce9ee65976d7dc535.js
cdn.intergi.com/hera/releases/4.10.4/lib/ 		172 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/hera/releases/4.10.4/lib/lib.982ce9ee65976d7dc535.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/tyche.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:fa00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ec766ac6273cc95e1764ae0ae6889f310849d1d31f159526dcdd7a6cad9c4db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:47:18 GMT
x-amz-version-id
g2A0FOMJDuFol5FdJJoQFeQ8KCZ_Yk0H
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 14:26:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
303312
etag
"83613d6af41ebdea6c0dd716e45457be"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
172
x-amz-cf-id
mrt3ZIf7pZK2WQqwaqdHjaEfJy2woJ1FO-HJf6nTYFwOaKLEOkMxhg==
embed.js
cdn.playwire.com/bolt/js/zeus/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt/js/zeus/embed.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/trendiVideo.6ba975a6d786595ece89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
46c99639a315e170f68f3debe5558a17ec639f3921c12fb1623b5e6aba5e6647

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
br
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
MLox9Z_zRbPFyOsLqxm0JLCk82LiGzTNfdx0y93Iuq3on9OvAl9y_w==
profile
fingerprinter-production.herokuapp.com/visitors/c95e9ef2dabaab51a916d4b4a18c6b69/ 		32 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fingerprinter-production.herokuapp.com/visitors/c95e9ef2dabaab51a916d4b4a18c6b69/profile
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.29/main.04fc3f37606502080be5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.58.209 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-58-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d8ceffe128c59833e7b25427d61f97415c24d085e152f6b33b3884d09badced6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:28 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703386949&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=0E7BxOm1Q5UQKNF1Knzv8cSeg8oi5uDfz15Esh8qPNU%3D"}]}
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Vary
Origin
Content-Type
application/json
Connection
keep-alive
Content-Length
32
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1703386949&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=0E7BxOm1Q5UQKNF1Knzv8cSeg8oi5uDfz15Esh8qPNU%3D
script.js
cadmus.script.ac/d1oykxszdrgjgl/ 		129 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c63cc618de0f54dfc0a0af374aba9dc4e4e4d67d43a02162ea4e5fab90a3c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
last-modified
Wed, 20 Dec 2023 16:21:21 GMT
server
cloudflare
age
0
etag
W/"dc70fe6d240944175a1cc70996f1d2176dea2ac6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
83a59b10ce2e4bcc-BUF
static.min.js
cdn.exelator.com/build/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exelator.com/build/static.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-125.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
13EhbDJXZCAdYoXnSII.9TQPnQd89SiV
content-encoding
gzip
via
1.1 e3d2c542026df7b9357e3b591c889f64.cloudfront.net (CloudFront)
date
Sun, 24 Dec 2023 01:49:07 GMT
last-modified
Mon, 05 Sep 2022 22:25:32 GMT
server
AmazonS3
x-amz-request-id
W88SC2YP0QVN310W
x-amz-cf-pop
JFK52-P3
etag
W/"a427037ef1482423da13ad8bf262d61a"
age
4403
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
XYFgGbChPH0Y8CLIbDk_PcIG3hqHbUDuTYF9a6rVuTtHohMOBWp8aA==
x-amz-id-2
8tnvSnl+EPYjP3IRz41t6OGZt2Y0nO2VA483Mb9g5b7q57iMpH5YW7quRDgIHeANkpiNSjjBfhg=
px.js
p.cpx.to/p/13058/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/13058/px.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.27.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-27-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
public, max-age=2419200
content-length
4396
content-type
application/javascript; charset=UTF-8
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 31 Dec 2023 03:02:29 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Sun, 24 Dec 2023 03:17:29 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.intergi.com
URL: https://cdn.intergi.com/hera/releases/4.10.4/main.3e8190c2ca70a96bb73f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 24 Dec 2023 03:02:29 GMT
prebid
id5-sync.com/api/config/ 		135 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
b7feb2ccb750c6afdae8a8baea473cd146c12aa3d943276680cde314005d2cd5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		152 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17262
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.234.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-234-246.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
863a2908ba3a521f1a8ddbf98941b6ccec7e7d630e6fe32ec4d5610f36f068c2

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache
x-server
10.40.8.231
access-control-allow-credentials
true
content-length
152
expires
0
f
fid.agkn.com/ 		130 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2104320612&r=https%3A%2F%2Fhematologistsxoc.com%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.189.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-189-193.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
d8ea000d44aee5be5ae2e512242b63591f1542c4025f9da0e9783ad302b95620

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
130
expires
0
classification
pogo.ccgateway.net/v1/p/5bb3e20859/ 		62 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pogo.ccgateway.net/v1/p/5bb3e20859/classification?url=https%3A%2F%2Fhematologistsxoc.com%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
37d54ce9d8fdcf4ed78ed03153d57e8e80d5b5841c1b76c74f8a6a3534e140ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
content-type
application/json
audience_segments
fingerprinter-production.herokuapp.com/visitors/c95e9ef2dabaab51a916d4b4a18c6b69/ 		25 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fingerprinter-production.herokuapp.com/visitors/c95e9ef2dabaab51a916d4b4a18c6b69/audience_segments
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.58.209 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-58-209.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6c51d463706b61b30554907747d95ff62188a36783b1a3bf949c7fbc193e79e2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:28 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703386949&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=0E7BxOm1Q5UQKNF1Knzv8cSeg8oi5uDfz15Esh8qPNU%3D"}]}
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Vary
Origin
Content-Type
application/json
Connection
keep-alive
Content-Length
25
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1703386949&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=0E7BxOm1Q5UQKNF1Knzv8cSeg8oi5uDfz15Esh8qPNU%3D
7.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/ 		172 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/7.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt/js/zeus/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a83b69c4d61363d1a637b939e0f5b9ce4a6146959ae3a4bdf39f535f4c936128

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:08 GMT
x-amz-version-id
FdossolYzPXCIZ06.h7vbQQIRnMGR8TA
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"16ca7473fcf2676a6f41e7a8602f2172"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
eC1u6zWEAWot6gzQ68deP6UU5if6dzY5pLDicLMqc0hcPXMW7ha7gQ==
user.js
script-api.ccgateway.net/script/launcher/2/ 		2 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/2/user.js
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=hematologistsxoc.com&parentId=5bb3e20859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
userId
script-api.ccgateway.net/ 		225 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/userId
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=hematologistsxoc.com&parentId=5bb3e20859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
bb6be47e0aa1e85333d196449e2eef7dc536b8718363e3aa3872a8477a3ebb35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
private,max-age=3156000
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
api.js
script-api.ccgateway.net/script/launcher/5/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/launcher/5/api.js
Requested by
Host: carbon-cdn.ccgateway.net
URL: https://carbon-cdn.ccgateway.net/script?id=hematologistsxoc.com&parentId=5bb3e20859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
private,max-age=604800
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1471:17::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Sun, 24 Dec 2023 03:32:29 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=60b38027-9256-4e4c-9c17-a4e547150eb1&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=60b38027-9256-4e4c-9c17-a4e547150eb1&bid=1e2n4ou
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=60b38027-9256-4e4c-9c17-a4e547150eb1&bid=1e2n4ou
date
Sun, 24 Dec 2023 03:02:29 GMT
server
Kestrel
content-length
191
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm92XzNNc2Q0RmhRUGRtejRydml0azZzay1kM3k4dWZzLXlxTFVfMW8yRTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm92XzNNc2Q0RmhRUGRtejRydml0azZzay1kM3k4dWZzLXlxTFVfMW8yRTQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEFRLDnE4CQYTIjZjlDA7kes&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEFRLDnE4CQYTIjZjlDA7kes&google_cver=1
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=m51mh00&google_gid=CAESEFRLDnE4CQYTIjZjlDA7kes&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-DRPS6F1E2pWgtMC.Hkc5O5JGIemBrisjzUg-~A
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-DRPS6F1E2pWgtMC.Hkc5O5JGIemBrisjzUg-~A
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-DRPS6F1E2pWgtMC.Hkc5O5JGIemBrisjzUg-~A
date
Sun, 24 Dec 2023 03:02:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ps.eyeota.net/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00
  • https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3Dm51mh00&_test=ZYefRQAJNFXoKgBd
  • https://ps.eyeota.net/match?uid=ZYefRQAJNFXoKgBd&bid=0rijhbu&referrer_pid=m51mh00&_test=ZYefRQAJNFXoKgBd
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=ZYefRQAJNFXoKgBd&bid=0rijhbu&referrer_pid=m51mh00&_test=ZYefRQAJNFXoKgBd
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by
cache-yyz4541-YYZ
pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1703386950.647152,VS0,VE0
x-cache
HIT
location
https://ps.eyeota.net/match?uid=ZYefRQAJNFXoKgBd&bid=0rijhbu&referrer_pid=m51mh00&_test=ZYefRQAJNFXoKgBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3Dm51mh00
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253Dm51mh00
  • https://ps.eyeota.net/match?uid=1168756271806296904&bid=2cr76e1&referrer_pid=m51mh00
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=1168756271806296904&bid=2cr76e1&referrer_pid=m51mh00
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
an-x-request-uuid
e2332fe5-96ac-4a35-93a7-ff36d71816ab
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=1168756271806296904&bid=2cr76e1&referrer_pid=m51mh00
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hematologistsxoc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 24 Dec 2023 03:02:29 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:e400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 02:20:34 GMT
content-encoding
gzip
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2516
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
yPT5MjAcx-zmndVfdRBHCYenTeKlhHbCHPLIofBtimqY2arfbPpG8g==
getuidj
ib.adnxs.com/ 		11 B
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
an-x-request-uuid
227f99a7-2bce-495b-a336-3c3c62dccf0b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		109 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
2585a5956c53405fab851d3d9d3ab6040ebdce6d06fc28d9bdda06d721506267

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 23 Jan 2024 03:02:29 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.210.25 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-210-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Dec 2023 03:02:29 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		697 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1259344902462092&correlator=468770599672007&eid=31080123&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A121113066%2CVM_5d443c779ad51d436ff8d7e9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C4x4&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703386949608&lmt=1703333738&adxs=1515&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhematologistsxoc.com%2F&vis=1&psz=970x-1&msz=970x-1&fws=1024&ohw=0&ga_vid=1681994010.1703386948&ga_sid=1703386950&ga_hid=1760994325&ga_fc=true&dlt=1703386947114&idt=1467&prev_scp=hb_pb%3D0.11%26hb_adid%3D5d443da494fc8910b6354c43-1010%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3De88ba153-2eda-4d1d-8932-126d7388ee68%26mo%3Dscan%26ac_id%3D5d443c436ab8da237ffd4fb4%26si_id%3D5d443c779ad51d436ff8d7e9%26pl_id%3D5d443da494fc8910b6354c43%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-12-15%252017%253A44%253A42%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3De1166ce8-3c6e-48a2-a0c3-890273cf065a%26tpcs%3Dunknown%26to_sp%3D1&cust_params=pf_src%3Dml%26amznbid%3D0%26amznp%3D0%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26salad%3Dkale%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_hardcore%252CPlayStation%26tyche_code%3D4.10.4%26pageos_code%3D1.10.29%26k1%3D17%26k2%3D62%26k3%3D30%26k4%3D2%26k5%3D1%26k6%3D0%26k7%3D8%26hour%3D17%26day%3DSaturday%26OS%3DWindows%252010%26browser%3DChrome%2520120%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.10.4%26kver%3Dv3%26ab_test%3Dna_A%26ad_clicker%3Dfalse%26user_id%3D1681994010.1703386948%26session_id%3D1703386948%26pageview_id%3D1703386947708%26page_focus%3Dtrue&adks=1560129403&frm=20
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38e1971b954a0a070e84771d8b4dcaf47bbee838b3e75cd0c71ab87c3f16c8d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
338
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:29 GMT
expires
Mon, 23 Dec 2024 03:02:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
8717e05e0ba09338a30278e8f68211f64eef901a26d12ffbf3c113b3d18ae0d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
edgekit.min.js
cdn.edkt.io/rNn9xk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91

Request headers

Referer
https://hematologistsxoc.com/
Origin
https://hematologistsxoc.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 22:33:19 GMT
content-encoding
gzip
age
16150
x-guploader-uploadid
ABPtcPpdvDzr__QJQN9qkAj57zIxFxll1qDKO-G7m1-Asyt3Yeeq3bawm6jCKSW4UX8Wu4IpTu-R0VzSrFvpn5Z0YFJWnA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7874
last-modified
Wed, 20 Dec 2023 18:07:58 GMT
server
UploadServer
etag
"ca3331c8da5854fb047074298f911730"
x-goog-generation
1703095678379268
x-goog-hash
crc32c=/eqo/g==, md5=yjMxyNpYVPsEcHQpj5EXMA==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7874
accept-ranges
bytes
expires
Sun, 24 Dec 2023 22:33:19 GMT
localstore.js
script.4dex.io/ 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:29 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2317654
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxldgRTtTdZyiPTL8aG4wb9YKuBeHF%2FC8jYbjb26tglFqPFDa8dYFRlz5CCOQsGZevR6wRlcpFE1%2BSDZMrvZi6TsahEcQEdXuzCsaY18WJou2gL%2FYUzTisAkexG28DfIvIEdhpQVY0vwBJtv"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
83a59b14cd374bcd-BUF
track_enc
track.venatusmedia.com/dual/ 		16 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:29 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
pre_content.json
config.playwire.com/1023088/v2/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://config.playwire.com/1023088/v2/pre_content.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:bc00:1a:1459:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
902b9468500abc448d2b33bf4aa7c87baaa7f6bdee47d35d3cb026a9965cf2eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 07:23:31 GMT
via
1.1 vegur, 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
content-encoding
br
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
JFK50-P3
age
70738
x-cache
Hit from cloudfront
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1703316211&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8OIZW5Yg%2Byg1xPxDdyygMTQxJAwipn9yXFmi1xo5XAc%3D
server
Cowboy
access-control-max-age
7200
access-control-allow-methods
GET
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1703316211&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=8OIZW5Yg%2Byg1xPxDdyygMTQxJAwipn9yXFmi1xo5XAc%3D"}]}
access-control-allow-origin
*
content-type
application/json
access-control-expose-headers
hw-country-code
cache-control
public, max-age=600
hw-country-code
US
vary
Accept-Encoding
x-amz-cf-id
8FQqM0CXcfOWExPJRLe3Be8NXVV5Dg1pGK3Azd7c00BhYXs4C91ZLg==
fire.js
s.cpx.to/ 		45 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fhematologistsxoc.com%2F&hn_ver=72&fid=c66b6aac-81b5-407d-81b1-0dda14ad81c0&dsp=pub_common&dsp_uid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&dsp=TTD&dsp_uid=abed8f56-b7f0-4ae7-b17f-4fa974ca40c7
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.139.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-139-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddce7e25f2a9edf200e6fed5e587dc34d5fb77af40bbf72c1b3977f0f99b6fe4

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
access-control-allow-credentials
true
expires
Sun, 24 Dec 2023 03:02:30 GMT
content-length
45
vary
Origin
p3p
CP="NOI DEV ADM"
bundle
script-api.ccgateway.net/script/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/script/bundle?id=hematologistsxoc.com&parentId=5bb3e20859
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
6bde823fd23d9b0171f67c1516cb37ea54b162cafaf0bc31414c360f8cd51f18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
public,max-age=1200
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
pixel;r=1207265869;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fhematologistsxoc.com%2F;uht=2;fpan=1;fpa=P0-1412044388-1703386949503;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=he...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1207265869;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fhematologistsxoc.com%2F;uht=2;fpan=1;fpa=P0-1412044388-1703386949503;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=hematologistsxoc.com;dst=0;et=1703386949688;tzo=600;ogl=;ses=ecd2bb72-a0b0-4c7b-9109-bc91b6536ab7;mdl=
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
1.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/1.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c35177c068c145f522b6efebff3ea9bfe10ecf4a9f6bd18a7debfd4bef91cdb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
MTn1KERLlrf4_6kUrgAqcHSW28wxaVB2
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"63234423ebabd476916f442909d2ed02"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304281
x-amz-cf-id
sDLPXs_bohn3FcTt_0hvxYZ3y8gHDMqpYzZeEE8nQD8botrJCPsm6g==
location
privacy-location-edge.ccgateway.net/privacy/ 		5 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy-location-edge.ccgateway.net/privacy/location
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-237-175-195.compute-1.amazonaws.com
Software
/
Resource Hash
1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
xhr
pre.ads.justpremium.com/v/2.0/t/ 		52 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1703386949843
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.24.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-24-130.compute-1.amazonaws.com
Software
/
Resource Hash
bd4fe2dc43b282c793d8d6416a3a2ae77d993b24863eb7cea3ed1ad15b46735c

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
frame.html
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		1 KB
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5b945f7c5e7974cecbce00308034a7fb43515ddbb572fe923e6c8e74e726695

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
304282
cache-control
public, max-age=31536000
content-encoding
br
content-type
text/html
date
Wed, 20 Dec 2023 14:31:08 GMT
etag
W/"b431c498e08deca7853cb2b1f0c7243e"
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-id
6P6nHiumfi4pHDzlS8LD0_A36m-OVzsW7jF855w6lej_odnkgTQb_A==
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
X_oCCgQQhhvnplz75YtwnnlShQTbjRln
x-cache
Hit from cloudfront
script-load
tag-api-2-1.ccgateway.net/v1/event/record/ 		42 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag-api-2-1.ccgateway.net/v1/event/record/script-load?engttl=60&engcount=0&engid=76442ac644574111892eaf7ae5bce0ec&cns=&cns=&cn2=&cn1=&accountid=43ce7925-afb8-48af-896b-d9aabce331a7&landing_url=https%3A%2F%2Fhematologistsxoc.com%2F&utm_source=&utm_content=&utm_term=&utm_medium=&utm_campaign=&pageViews=1&prevPvid=274ef77f2a034549a11560d884af46e2&url=https%3A%2F%2Fhematologistsxoc.com%2F&curReferer=https%3A%2F%2Fhematologistsxoc.com%2F&extReferer=https%3A%2F%2Fhematologistsxoc.com%2F&APPNEXUS=&GLAM-SID=0b405c49e8c44096a3dbf254ecc191db&GLAM-JID=e68011a275dc4f9faf664a6143deefd2&GLAM-AID=f90092d27ffd4bdbbdbd3fd779bbe59f&pvid=274ef77f2a034549a11560d884af46e2&ccuid=99a49291-143b-48b9-8305-0899021c365d&sid=656b1859-7611-44a4-b23e-70f53d788f32&nct=1703386949000&r=&ns=true&lang=en-US&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&title=PlayStation%2520Universe%2520-%2520PS5%252C%2520PS4%252C%2520PSVR%252C%2520PS%2520Vita%2520News%2520and%2520Reviews&devicefp=96.9.249.36%3A2&browserCache=true&localCache=false&cookieType=0&nocookies=true&ios=false&parentId=5bb3e20859&scriptId=hematologistsxoc.com&skey=06694474-03fc-4c44-b40e-f8ca94ab65b6&url=https%3A%2F%2Fhematologistsxoc.com%2F
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
Atreugo /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
server
Atreugo
vary
Origin, Accept-Encoding
content-type
image/gif
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
setUser
script-api.ccgateway.net/ 		0
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script-api.ccgateway.net/setUser?parent=5bb3e20859&site=hematologistsxoc.com&ccuid=99a49291-143b-48b9-8305-0899021c365d&ccsid=656b1859-7611-44a4-b23e-70f53d788f32
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.91.215.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-91-215-149.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
private,max-age=300
content-length
0
content-type
text/javascript
zeus_boot.f8ba654721b7cf134a55.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		134 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795ebc9cf0b003e22e91d51254f919a29adedd40cc49973ef4090bbd1ca4b8dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
Bm0M6CxJq66xVBOznaCYes8OJ2MPe3Ev
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:16 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"ba685f0ee5a36f05bd7af68f996b184c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304281
x-amz-cf-id
2WEWrkcoGSI5BvFqZSCGBroPwu9fGD7dnnB8KO6JWVBqP9-AZRTJzA==
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:30 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BShmoqfi%2F0M8iQJNRzH2L%2FLdNMudoH%2BLmbvATSGviZmD6HQbw3CcPuJk3ZG83r8rn%2F082hc6y9E5BHxSu4jlS%2F0%2BhpF67x7OuWruGZGQCIKMRE45FaY5bQPPCDtXJdx9IbFJeB1sFup%2BavE7"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
83a59b155d594bcd-BUF
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		229 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:29 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Sun, 24 Dec 2023 03:17:29 GMT
frame.1fce372587db5178291e.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		146 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.1fce372587db5178291e.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6ecb897e5ac951bbbcbb6223fb5bd0953d52ffe167086edb10033fc9822ddb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
y7OHMH5AUfZoi.5rjSjJNq.NyGmjycN7
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"d6afcb78c20bf368212883e467dabc29"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304281
x-amz-cf-id
1iVTsFZvijYAbcODy0amLLxl3SUQMOWvrsker7rjIvCnfaDrWhnfbw==
483.json
id5-sync.com/g/v2/ 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/483.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
871e5df4bd808c109becaa5507692c3b0ad83bb82b67ecf7fec088cc147c8b23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pegasus_theme.3f49652ebdc70b060cdb.css
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_theme.3f49652ebdc70b060cdb.css
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd6046fc1f4a0429f959a468afc2ab3ff4e3578721543ca80ac243acc2320d83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
01MZCdGC4m.uwM.DTo6uo6W6pC6r7oIl
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"3e8ad784bd322a1441848466c06bc7d5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
rr7aSOeiU3mB2G61dUvSIjENl9JwqnBfaOzTncrTqNXaq-bRMhYQvg==
pegasus_theme.3f49652ebdc70b060cdb.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_theme.3f49652ebdc70b060cdb.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e554726cf1b447ed389f6823a77e95c17c286b5519fa891821f068a15f2dab4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
QjivsYs8yX3bI5KovXPkdKlFx7pr6rgB
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"f71e87dfeea5d886599e86bebad440f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
7FKyXooi6yW0NLyLkI5YeJDf7KHoKb-IOFTGOi_BiReoFcbZwrQhvw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhematologistsxoc.com%2F&pid=JGYnWBRjk43fj&cb=0&ws=1600x1200&v=23.1211.1645&t=3500&slots=%5B%7B%22sd%22%3A%225d443da494fc8910b6354c43-1010%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C121113066%2FVM_5d443c779ad51d436ff8d7e9%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22IAB681%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%5D%7D%7D%7D&schain=1.0%2C1!playwire.com%2C1023088%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%228ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%22%2C%22lotame%22%3A%22fac01178818c102bd4a11c68d541a9fb927a3f79756eb2bcf56f99da16eb89a2%22%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-47-29.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 08c35fba3c05c07f78b1292e4a5f949a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P3
x-amz-rid
EKRT3JQHGZ3DY117SAYM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
V3f7VCDqvYp00Vj4ooKaj8ZcTU9UZrqsnWrbbIus9Sn0qMF3FnEB3A==
token
pixel.rubiconproject.com/ 		0
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=34010&customParamenters
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESENdsrc8ODozBlthI4SWR5uU&dsp=dbm&google_cver=1
0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=CAESENdsrc8ODozBlthI4SWR5uU&dsp=dbm&google_cver=1
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Server
63.35.139.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-139-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 03:02:30 GMT
date
Sun, 24 Dec 2023 03:02:30 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESENdsrc8ODozBlthI4SWR5uU&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
  • https://s.cpx.to/sync?dsp=OPENX&dsp_uid=7d982723-beab-4c4a-aa36-8af41c0e1948
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=7d982723-beab-4c4a-aa36-8af41c0e1948
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Server
63.35.139.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-139-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 03:02:30 GMT
date
Sun, 24 Dec 2023 03:02:30 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=7d982723-beab-4c4a-aa36-8af41c0e1948
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fire.js
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fhematologistsxoc.com%252F%26hn_ver%3D72%26fid%3Dc66b6...
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1168756271806296904&pid=13058&url=https%3A%2F%2Fhematologistsxoc.com%2F&hn_ver=72&fid=c66b6aac-81b5-407d-81b1-0dda14ad81c0&dsp=pub_common&dsp_uid=8ebd...
35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1168756271806296904&pid=13058&url=https%3A%2F%2Fhematologistsxoc.com%2F&hn_ver=72&fid=c66b6aac-81b5-407d-81b1-0dda14ad81c0&dsp=pub_common&dsp_uid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&dsp=TTD&dsp_uid=abed8f56-b7f0-4ae7-b17f-4fa974ca40c7
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Server
63.35.139.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-139-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
date
Sun, 24 Dec 2023 03:02:30 GMT
content-length
35
expires
Sun, 24 Dec 2023 03:02:30 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
an-x-request-uuid
e4bc4516-9ed4-4801-a4fb-601c4a40db88
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1168756271806296904&pid=13058&url=https%3A%2F%2Fhematologistsxoc.com%2F&hn_ver=72&fid=c66b6aac-81b5-407d-81b1-0dda14ad81c0&dsp=pub_common&dsp_uid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&dsp=TTD&dsp_uid=abed8f56-b7f0-4ae7-b17f-4fa974ca40c7
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Server
63.35.139.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-139-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 24 Dec 2023 03:02:30 GMT
date
Sun, 24 Dec 2023 03:02:30 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhematologistsxoc.com%2F&pid=JGYnWBRjk43fj&cb=1&ws=1600x1200&v=23.1211.1645&t=3500&slots=%5B%7B%22sd%22%3A%225d5584cf434cc43cb684fd8e-1002%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C121113066%2FVM_5d443c779ad51d436ff8d7e9%22%7D%2C%7B%22sd%22%3A%225d5585c16ab8da237ffd524a-1001%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21726375739%2C121113066%2FVM_5d443c779ad51d436ff8d7e9%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22cattax%22%3A6%2C%22cat%22%3A%5B%22IAB681%22%5D%2C%22sectioncat%22%3A%5B%22IAB681%22%5D%2C%22pagecat%22%3A%5B%22IAB681%22%5D%7D%7D%7D&schain=1.0%2C1!playwire.com%2C1023088%2C1%2C%2C%2C&pubid=bd056b42-51db-43ce-9a8e-3b11319b5d1f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%228ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%22%2C%22lotame%22%3A%22fac01178818c102bd4a11c68d541a9fb927a3f79756eb2bcf56f99da16eb89a2%22%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-47-29.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 08c35fba3c05c07f78b1292e4a5f949a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P3
x-amz-rid
1DWVPNCDM66DS9ZGESJ8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
3pMhH9B0kZWAqV88VInt-DM505m2NkAnZ7wDe5TTcDSHmLBSsLOzCw==
track_enc
track.venatusmedia.com/dual/ 		16 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
df8381fff17ce48df50797cbd81fae3e66d0333a2d0ff1a4a68d47cf0d5bdd3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
c
prebid.a-mo.net/a/ 		1010 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
c4348dfa21425e191c95d6fed4102c2ccd4966e7f8729df5a3235f21c5486951

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
156
content-length
497
auction
elb.the-ozone-project.com/openrtb2/ 		2 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a59b193f3b39ef-YYZ
content-length
2
expires
0
openrtb
adx2.adform.net/adx/ 		0
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		139 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f5c26ab9c2405c9049dceaeb76d5551bc7c3907070cecc34112e22acb236f0c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
an-x-request-uuid
d42e0419-a3a7-4094-aa4e-8ecb037d12f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212c7ec7fa32702c%22%3A%228e95c2151bcd41d7c724%7C970x90%2C728x90%2C970x250%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fhematologistsxoc.com%2F&s=beb12818-9385-4adf-a7b6-aac0167824fc&pv=ccacdb6f-9c1f-4156-89d3-f0cedb24e95f&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhematologistsxoc.com%2F%22%2C%22domain%22%3A%22hematologistsxoc.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22hematologistsxoc.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%225d443c436ab8da237ffd4fb4%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%228ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3b79dedf1433d1519001844b35c8a2b5a52dc452f144dbc33008b2aa11a5be57
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-152
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
531
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
mp.4dex.io/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a59b193f196aee-BUF
expires
0
auction
tlx.3lift.com/header/ 		19 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fhematologistsxoc.com%2F&tmax=3500
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.214.131.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-131-156.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status
3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!venatus.com,5d443c436ab8da237ffd4fb4,1,,,&eid_pubcid.org=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%5E1&rf=https%3A%2F%2Fhematologistsxoc.com%2F&tg_i.page=https%3A%2F%2Fhematologistsxoc.com%2F&tg_i.domain=hematologistsxoc.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=16e6e62f-a879-47f7-8068-605a2211db5b&l_pb_bid_id=18dda615075dd8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5d443da494fc8910b6354c43%2F1010&slots=1&rand=0.4331650356336425
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2f5c94be77dc56e5d73d4e9dc492c871cc904680aeb2887c10e1d69444ccd97b

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=16333927496&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
shb.richaudience.com/hb/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
arj
venatusmedia-d.openx.net/w/1.0/ 		173 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhematologistsxoc.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=16e6e62f-a879-47f7-8068-605a2211db5b%2C16e6e62f-a879-47f7-8068-605a2211db5b&nocache=1703386950194&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&schain=1.0%2C1!venatus.com%2C5d443c436ab8da237ffd4fb4%2C1%2C%2C%2C&aus=970x90%2C728x90%2C970x250%7C970x90%2C728x90%2C970x250&divids=1010-5d443da494fc8910b6354c43%2C1010-5d443da494fc8910b6354c43&aucs=%2C&auid=539871863%2C539871861
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
900c75a72f78f7e52dffe729e6a810a592de1ba5be985a39582de2417da20e7f

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hematologistsxoc.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		355 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&rp_schain=1.0,1!venatus.com,5d443c436ab8da237ffd4fb4,1,,,&eid_pubcid.org=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%5E1&rf=https%3A%2F%2Fhematologistsxoc.com%2F&tg_i.page=https%3A%2F%2Fhematologistsxoc.com%2F&tg_i.domain=hematologistsxoc.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=14932912-26b9-4237-beb3-f6362c93d9d7&l_pb_bid_id=3433a10ece5a0ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5d5584cf434cc43cb684fd8e%2F1002&slots=1&rand=0.5627135093374411
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2f487700bb09461f6532287109774bb28f53f8c42eb0115a9ca686c657f4b997

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
355
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		375 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&rp_schain=1.0,1!venatus.com,5d443c436ab8da237ffd4fb4,1,,,&eid_pubcid.org=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%5E1&rf=https%3A%2F%2Fhematologistsxoc.com%2F&tg_i.page=https%3A%2F%2Fhematologistsxoc.com%2F&tg_i.domain=hematologistsxoc.com&tk_flint=pbjs_lite_v7.35.0&x_source.tid=4961b111-8dbd-434c-9b93-9c252c6187bb&l_pb_bid_id=3558ab5d45a1dc5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5d5585c16ab8da237ffd524a%2F1001&slots=1&rand=0.9401370390664638
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b7bc0028dbeb31889f31090300f1ad29f50071d24eadaf7518bf1a2ccc54c0c2

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
375
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.55.204.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-204-172.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
venatusmedia-d.openx.net/w/1.0/ 		173 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhematologistsxoc.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=14932912-26b9-4237-beb3-f6362c93d9d7%2C4961b111-8dbd-434c-9b93-9c252c6187bb%2C4961b111-8dbd-434c-9b93-9c252c6187bb&nocache=1703386950246&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&schain=1.0%2C1!venatus.com%2C5d443c436ab8da237ffd4fb4%2C1%2C%2C%2C&aus=160x600%7C728x90%2C970x90%7C728x90%2C970x90&divids=1002-5d5584cf434cc43cb684fd8e%2C1001-5d5585c16ab8da237ffd524a%2C1001-5d5585c16ab8da237ffd524a&aucs=%2C%2C&auid=539871855%2C539871861%2C539871863
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4686ff80d831d395db83f226f31635c11552abe4dfaafbc3cfc6aafa894e4917

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hematologistsxoc.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
adx2.adform.net/adx/ 		0
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx2.adform.net/adx/openrtb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
trinity.json
apex.go.sonobi.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2246129c12ac2f3c4%22%3A%228e95c2151bcd41d7c724%7C160x600%7Cc%3Dd%2C%22%2C%2247b945d6d32f74f%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fhematologistsxoc.com%2F&s=4d3f453c-e5d8-4d0e-8a4e-0cdac6bfd361&pv=ccacdb6f-9c1f-4156-89d3-f0cedb24e95f&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fhematologistsxoc.com%2F%22%2C%22domain%22%3A%22hematologistsxoc.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22hematologistsxoc.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%225d443c436ab8da237ffd4fb4%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%228ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
51bd07464cde0b30954b998443bb68af086dd66462f59560c82bb95026ef1158
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
582
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		2 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a59b193f3f39ef-YYZ
content-length
2
expires
0
c
prebid.a-mo.net/a/ 		1010 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
71d3782ab2efa9cedb7454694f592e42df01e1ef8734a5c624847fdc191719f5

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
75
content-length
497
bid
ap.lijit.com/rtb/ 		24 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0a811e6f9e1db11519b738874e1dc1326686bd17058a5d78479c5dce61f478d8

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Dec 2023 03:02:30 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hematologistsxoc.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
/
shb.richaudience.com/hb/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.115.232.150 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
150-232-115-208.static.reverse.lstn.net
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
x-err
Parsing the Prebid Request. adrequest and manager domains do not match
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a59b193f1a6aee-BUF
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:30 GMT
an-x-request-uuid
9864d7fd-4fad-46a8-8eae-17721f20c0c1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=5880583145&lsavail=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
admgr.18397a801d96ce8840e4.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		165 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/admgr.18397a801d96ce8840e4.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a1cf4718ff9f5e581deb93f417fd9e5a1ca136b0c5ea2f5e750509030085fad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
PZohCDYrLOlZUOYs5uWdtc.xzGZmEsFz
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"8e09385e885238a4a4c8fc1f4c171e5c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
clSJi7W6WkNmeD4_9uzcMPtKxTtICPY7KgM_UgdcZL3QJBgXn3nVtg==
v3
id5-sync.com/gm/ 		692 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
3608a96494e626165a7fa990c57cba272267d5a972328b87550fcdec465c602e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pegasus_appearance_manager.f0757945b6f7ace4c8f6.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_appearance_manager.f0757945b6f7ace4c8f6.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a9376a6abc6df47008a26894a201098d1c20d3b01cd0eab8a2160ee2efe666f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
H5X0sPvHpKpDaR2xeVhjgel2qwN8E6xw
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"0919215670962934237878e9b5c83ffc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
peC7uWddyOoA6HLrFA0K15mBrWyJkv3lXV_rSfUvfeVfYyQ3m4oQHw==
pegasus_controlbar~scrubber.36741499579a4c774cc5.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_controlbar~scrubber.36741499579a4c774cc5.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04da066bd84e8958d82cd664633b30f17470b9c087c7557f220ebd55a26b8fae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
hI4yDC85LVLMz58VO0UdWoiC_UoR7qAT
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"e7c4608f03461d1e30fb38ffd706b8ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304281
x-amz-cf-id
XFwyvL-enU1iTsi-6UFTJjN-z0rhDn_iYiQaDeJUUCqbZzBYIsYJ6w==
pegasus_controlbar.ff2dac22ae244285bd51.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_controlbar.ff2dac22ae244285bd51.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9906607ad275b2d8e8d5d041890f95d003684821700bbcce9cace7ac6d9bc3c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
V2HIbOosjZTfz1Q88ZWimrnkysjnilnc
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"7cad323fbdf3825a31677652f8369696"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
rB40pr-KS1IXYv4Hrz0plg70wU7p1XmXyx9pXp0SJ2sOaF7fWYbk0Q==
zeus_mouseinput.a07efd19b17472ae33ab.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_mouseinput.a07efd19b17472ae33ab.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f04cab34a429ef6786fbe0407e3ff66f65609b94f3905e62cdd489a161fde7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
P2UHbSAomdW4teTuj1AE0G6qjjWEIuIR
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:16 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"caee6e14b86870ac76ade3cd0b39b7cc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
vBeupLkZ6rUDAXzJ4-8VzVmyR0OBO8oJ1OqLHJ_WZHs3rcBj6Zv32w==
pegasus_content.94e8039dd9d0d1784dac.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_content.94e8039dd9d0d1784dac.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c71f83b7106a5c625bedf1fb10174c308fcdb9424619a566212cf7f4271bf993

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
YNKoHiROtHUwfvnyzcUKfSbV0yfN8udI
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"9b4ac4a74e73452bd9bcac9066c2539f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
ThZhXSjy_INUc6UZ9Osh7L8B0fde9E5d5wlLL0l2EIsQyHJruBXeVA==
scrubber.f57d98cf4d20555a6928.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/scrubber.f57d98cf4d20555a6928.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
349eec9055aad9a944335a9f25678aff9e0e76ae941e0ef3538b6930d8cb13a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
Q3jhwEj1gEuPDgG97UeYJcftkaJ6m1EG
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:16 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"42d1cc89a0ed0718ccc18d6aeea7d35c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
oXhtQngAia8W8eEZR5z1FoYEK9CRHfZz3OOYfk53K7YDOxjgtlIKKg==
pegasus_watermark.c000adcedbecba188edb.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/pegasus_watermark.c000adcedbecba188edb.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40ad38b6d19c818c4a403f3d7285fbafcec73c22e3064082e88feb78b4f15d33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:09 GMT
x-amz-version-id
AB6YjuIbYtqqDfe0kOeCqXq3itIf_3AQ
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:16 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"c4bcc22ff0b1fd81b718cfd4ca7f084f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304282
x-amz-cf-id
KpkEQT8vJtWYmVOslG001IjDRidHBRp4ZbwDat6nNoFsPnmyb4IP4A==
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Dec 2023 01:49:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4366
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sun, 24 Dec 2023 03:49:44 GMT
googleAdsPlayer.21a6cf11fb024aa75a07.js
cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/ Frame D4BD 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/googleAdsPlayer.21a6cf11fb024aa75a07.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/zeus_boot.f8ba654721b7cf134a55.js?f8ba654721b7cf134a55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:7c50:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18c05864f8cbb41e87c87b3e065e1415a99a12bbc6df46329876a0471273495e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/frame.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 14:31:10 GMT
x-amz-version-id
XljTojwWGjImQCJ1VKp1yXFAxqkBn701
content-encoding
br
last-modified
Wed, 20 Dec 2023 14:27:15 GMT
server
AmazonS3
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
etag
W/"f1b691b3375edef2cc5ea3b4b3cf522a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
age
304281
x-amz-cf-id
uMTRpLmb4KHMc5eUudIVPgJ-FD3zTIQZO6a7sKpYRnHBKXA0DAtqVw==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D4BD 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.playwire.com
URL: https://cdn.playwire.com/bolt4/js/zeus/releases/4.6.43/frame/googleAdsPlayer.21a6cf11fb024aa75a07.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.playwire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 24 Dec 2023 03:02:30 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		297 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1259344902462092&correlator=244785146350659&eid=31080123&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A121113066%2CVM_5d443c779ad51d436ff8d7e9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1a254c9e649bf350%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_Mbc35GkgNZEzLV0buttwB5FxCL-zg&gpic=UID%3D00000a048a46ede6%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_MZrd3UoYS-ZO4U3dU1IUPysDe6hTQ&abxe=1&dt=1703386950837&lmt=1703333738&adxs=2000&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhematologistsxoc.com%2F&vis=1&psz=970x-1&msz=1940x-1&fws=1024&ohw=0&ga_vid=1681994010.1703386948&ga_sid=1703386950&ga_hid=1760994325&ga_fc=true&dlt=1703386947114&idt=1467&ppid=8ebd1ed4d5de4bbea9bb5a958c98d85b&prev_scp=hb_pb%3D0.01%26hb_adid%3D5d443da494fc8910b6354c43-1010%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3De88ba153-2eda-4d1d-8932-126d7388ee68%26mo%3Dscan%26ac_id%3D5d443c436ab8da237ffd4fb4%26si_id%3D5d443c779ad51d436ff8d7e9%26pl_id%3D5d443da494fc8910b6354c43%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-12-15%252017%253A44%253A42%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3De1166ce8-3c6e-48a2-a0c3-890273cf065a%26tpcs%3Dunknown%26bf_br%3D53500000%26af_im%3D53500000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=pf_src%3Dml%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26salad%3Dkale%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_hardcore%252CPlayStation%26tyche_code%3D4.10.4%26pageos_code%3D1.10.29%26k1%3D17%26k2%3D62%26k3%3D30%26k4%3D2%26k5%3D1%26k6%3D0%26k7%3D8%26hour%3D17%26day%3DSaturday%26OS%3DWindows%252010%26browser%3DChrome%2520120%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.10.4%26kver%3Dv3%26ab_test%3Dna_A%26ad_clicker%3Dfalse%26user_id%3D1681994010.1703386948%26session_id%3D1703386948%26pageview_id%3D1703386947708%26page_focus%3Dtrue%26testgroup%3D42&adks=1044078221&frm=20
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f969e7700dad628cf43d38db108feba5b89995345bd478e6e4c2a8e3e6363d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.609.1_en.html
imasdk.googleapis.com/js/core/ Frame 28AD 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.playwire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
325310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245986
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Dec 2023 08:40:40 GMT
expires
Thu, 19 Dec 2024 08:40:40 GMT
last-modified
Mon, 18 Dec 2023 19:42:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame D4BD 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A9BC 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 985F 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24b1e9c85f895f6b64e29d323e862d6a471663669b3789a7f8ea4d2bffd10203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51237
x-xss-protection
0
server
cafe
etag
18064879464079266057
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 03:02:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		595 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1259344902462092&correlator=3725039329415199&eid=31080123&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A121113066%2CVM_5d443c779ad51d436ff8d7e9&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=160x600%2C728x90%7C970x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1a254c9e649bf350%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_Mbc35GkgNZEzLV0buttwB5FxCL-zg&gpic=UID%3D00000a048a46ede6%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_MZrd3UoYS-ZO4U3dU1IUPysDe6hTQ&abxe=1&dt=1703386951025&lmt=1703333738&adxs=20%2C436&adys=178%2C1156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhematologistsxoc.com%2F&vis=1&psz=160x270%7C1600x-1&msz=160x250%7C728x-1&fws=1028%2C1536&ohw=160%2C0&ga_vid=1681994010.1703386948&ga_sid=1703386950&ga_hid=1760994325&ga_fc=true&dlt=1703386947114&idt=1467&ppid=8ebd1ed4d5de4bbea9bb5a958c98d85b&prev_scp=hb_pb%3D0.01%26hb_adid%3D5d5584cf434cc43cb684fd8e-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3De88ba153-2eda-4d1d-8932-126d7388ee68%26mo%3Dscan%26ac_id%3D5d443c436ab8da237ffd4fb4%26si_id%3D5d443c779ad51d436ff8d7e9%26pl_id%3D5d5584cf434cc43cb684fd8e%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-12-15%252017%253A44%253A42%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3De1166ce8-3c6e-48a2-a0c3-890273cf065a%26tpcs%3Dunknown%26st_ty%3Dvert%26bf_br%3D53500000%26af_im%3D53500000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2%7Chb_pb%3D0.01%26hb_adid%3D5d5585c16ab8da237ffd524a-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3De88ba153-2eda-4d1d-8932-126d7388ee68%26mo%3Dscan%26ac_id%3D5d443c436ab8da237ffd4fb4%26si_id%3D5d443c779ad51d436ff8d7e9%26pl_id%3D5d5585c16ab8da237ffd524a%26co%3DUS%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-12-15%252017%253A44%253A42%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3De1166ce8-3c6e-48a2-a0c3-890273cf065a%26tpcs%3Dunknown%26st_ty%3Dhorb%26bf_br%3D53500000%26af_im%3D53500000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&cust_params=pf_src%3Dml%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26salad%3Dkale%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26sitecont_cat%3Dgames_hardcore%252CPlayStation%26tyche_code%3D4.10.4%26pageos_code%3D1.10.29%26k1%3D17%26k2%3D62%26k3%3D30%26k4%3D2%26k5%3D1%26k6%3D0%26k7%3D8%26hour%3D17%26day%3DSaturday%26OS%3DWindows%252010%26browser%3DChrome%2520120%26pagecount%3D1%26window_width%3D1600%26window_height%3D1200%26screen_orientation%3Dlandscape%26refresh_count%3D0%26tyche_version%3D4.10.4%26kver%3Dv3%26ab_test%3Dna_A%26ad_clicker%3Dfalse%26user_id%3D1681994010.1703386948%26session_id%3D1703386948%26pageview_id%3D1703386947708%26page_focus%3Dtrue%26testgroup%3D42&adks=1962449759%2C1690883147&frm=20
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f852e10f255d20e47990e1ecc9e3135a8dca4f1151931188b06a008150c5eefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
track_enc
track.venatusmedia.com/dual/ 		16 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:31 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 28AD 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?sz=640x480&iu=%2F154013155%2C121113066%2F1023088%2F71020%2Fpublisher%3A1023088-website%3A71020-video&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fhematologistsxoc.com%2F&description_url=https%3A%2F%2Fhematologistsxoc.com%2F&correlator=2094219633076351&vad_type=linear&cust_params=lld_id%3D7b8cbb8a2e474b808354dfa938ff751c86950918%26price_floor%3D1.72%26adunit%3Dtrendi_video%26owning_pub_id%3D1023088%26pub_id%3D1023088%26instream%3Dfalse%26player_height%3D480%26player_width%3D640%26synd%3Dtrue%26vid_long_form%3Dfalse%26window_width%3D1600%26window_height%3D1200%26sitecont_cat%3D%26custom_path%3DHP%26salad%3Dkale%26dd%3Draspberry%26di%3Dpineapple%26vd%3Draspberry%26vi%3Dpineapple%26ad_clicker%3Dfalse%26ab_test%3Dna_A%26pagecount%3D1%26k1%3D17%26k2%3D62%26k3%3D30%26k4%3D2%26k5%3D1%26k6%3D0%26k7%3D8%26user_id%3D1681994010.1703386948%26session_id%3D1703386948%26pageview_id%3D1703386947708%26vid_location%3Dcorner%26product%3Dads_only%26sticky%3Dtrue%26trendi%3Dfalse%26refresh_count%3D0%26abs_dist_top%3D1100%26abs_dist_left%3D1450%26rel_dist_bottom%3D0%26rel_dist_left%3D90%26browser%3DChrome%20120%26hour%3D17%26day%3DSaturday&vpa=auto&vpmute=1&sdkv=h.3.609.1&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=3063660970&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.609.1&sid=03C06B59-A299-412A-8B96-B28F684172FB&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44804291&ref=https%3A%2F%2Fhematologistsxoc.com%2F&top=https%3A%2F%2Fhematologistsxoc.com%2F&loc=https%3A%2F%2Fcdn.playwire.com%2Fbolt4%2Fjs%2Fzeus%2Freleases%2F4.6.43%2Fframe%2Fframe.html%23id%3Dtyche_trendi_video___pv%3D1___eu%3Dfalse___eis%3D1703386949556&dt=1703386951188&scor=3309703270549670&ged=ve4_td1_er0.0.154.300_vi0.0.169.300_vp100_eb24424
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.609.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 28AD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 28AD 		0
0
csi
csi.gstatic.com/ Frame 28AD 		0
0
track_enc
track.venatusmedia.com/dual/ 		16 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:31 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 985F 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137916
x-xss-protection
0
server
cafe
etag
1305020384322512277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 03:02:31 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 14F1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
24921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 20:07:10 GMT
etag
5585625838579639069
expires
Sat, 06 Jan 2024 20:07:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 19DE 		603 B
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4379891692491416&output=html&h=90&slotname=8254753489&adk=1066506388&adf=3279755401&pi=t.ma~as.8254753489&w=728&lmt=1703386951&format=728x90&url=https%3A%2F%2Fhematologistsxoc.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703386951445&bpp=5&bdt=514&idt=160&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&cookie=ID%3D1a254c9e649bf350%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_Mbc35GkgNZEzLV0buttwB5FxCL-zg&gpic=UID%3D00000a048a46ede6%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_MZrd3UoYS-ZO4U3dU1IUPysDe6hTQ&correlator=310160980786&frm=21&ife=1&pv=2&ga_vid=1681994010.1703386948&ga_sid=1703386952&ga_hid=12896758&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1515&ady=59&biw=1600&bih=1200&isw=970&ish=250&ifk=3580895807&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320885&oid=2&pvsid=1809756970991620&tmod=1646918576&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1028&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u5adp1fnuyqd&fsb=1&dtd=175
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 985F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc365ef99adcfed6bdf7b13e94ce9caea521dc5057f2570b2c4db6499ac8548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12238
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 985F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 03:02:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
24859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 20:08:12 GMT
expires
Sun, 22 Dec 2024 20:08:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A5E2 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: hematologistsxoc.com
URL: https://hematologistsxoc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
139e214fa63379abfdbc03602bd7c99d3be1d6479a683a819cee1707944f9587
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VIKSk65rHWsYTYjsU7bhxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-VIKSk65rHWsYTYjsU7bhxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:31 GMT
expires
Sun, 24 Dec 2023 03:02:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame FA77 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
24858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:08:13 GMT
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 2C26 		967 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.42 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
age
1718
cache-control
max-age=600
content-encoding
gzip
content-length
420
content-type
text/html
date
Sun, 24 Dec 2023 03:02:31 GMT
etag
"d80b9831e6e7896aa97e84d70f49e545"
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
strict-transport-security
max-age=300
vary
Accept-Encoding
venatus-cdn-hb-rule-version
1.1
via
1.1 varnish, 1.1 varnish
x-amz-id-2
UzdQ8Db+pSb/ItWRMrVGafCpXdjwO2rb8DDEz8m46S4eNR2NSXYfo3V7pKJr2byeHMyj7McqbH0=
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-cache-hits
59, 1
x-geo
US
x-ip
96.9.249.36
x-served-by
cache-dub4331-DUB, cache-yyz4560-YYZ
x-timer
S1703386952.954216,VS0,VE10
/
mydmp.exelator.com/on-site-tag-load/
Redirect Chain
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d
  • https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
Protocol
H2
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
13ff8f0ff51349909ba3d8ed5065220fe403eca19708444d09de3617536920f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sun, 24 Dec 2023 03:02:32 GMT
server
nginx
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://mydmp.exelator.com/on-site-tag-load/?p=1041&g=1&j=d&xl8blockcheck=1
access-control-allow-origin
https://hematologistsxoc.com
content-type
image/gif;charset=utf-8
cache-control
no-cache
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
192129b64e6d4a6577e7e75a4d016cca850575978bc74b13f7654640c81ddbee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12303
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A5E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1809756970991620&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame FA77 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8NdpGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 03:02:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 507C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
24860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 20:08:12 GMT
expires
Sun, 22 Dec 2024 20:08:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2F56 		829 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2fdbc41a0960dc49b537060118e80e4c802a95544e5e939aa496bf2c9440a60
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NxJvvbSMxa8gWgGIPxMMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NxJvvbSMxa8gWgGIPxMMiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:32 GMT
expires
Sun, 24 Dec 2023 03:02:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 985F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1809756970991620&bg=!ISKlIm3NAAY3kmNgF5I7ADQBe5WfOOiFX8zORpqJPS1nUYZNroEHua8zRcLxYIOwT20dz7PC2nrFyS-fgwb1vxkwGB14AgAAAG9SAAAAAmgBBwoASuA6NG34Rio3pjoWz_UbsfM8r_2BUDBpD_Si0M5e6fDMoyvg9vUopBqHJlEs1z6hp0bhaXhgJl1p40ox2_mSnLMu5H8YRR5raAt2mQMV-qdoPZ2qri1g84DxHmCyAXTX8E18QGiTbX5SQJFS6Z2fYcAWR8BJMq9oWKDHEmP0I-uhTyyVROhWnRyBeNhBAaWB8sa0DCQxMqjECmeZc7eDLATQ_IerxQ-Qg6CWUl6lYCb7qQo11hhcPRVqDlHmxoVAVYsxvh-OsckVYqRYp9uQc0eQUKlGs563q22e1yGzGhgoGihMv-rckjTsaIRkAsw9I1VRXs-ctSSttOcGBfu3RUnW2OE2gu2HaAKS1DgtT2l4OAlr3xgsRg9MBFX6wOPh89pnf_n3ADs0Dx_sYK-V0doPgPTRAXim51e1-gCFpwRHEcFs0nr1U-sY8QeoUbLXt_KIMf-ZtceN1zw2XOdGzVEmquIwDiFR9YZV9QRrcfNFD9UaiG2gYhHH48krZ4MqFP3ls55LVDtSEI7Wn846Ljg5wx1cY7lpArgxmz-3eKn265v0PKCxXwO0Hk82J95iJkHM1-CtM6PeE9AP5FawTsmiX2Fo1l4W8gVH1_iIPYX0DsxQma-TBeVcYNmN99RI7S-RxdknhNTZejS2l9N3HP-KbKC5JQQsjopnojB7F4EydduMHpuB6LP_HHFPOxA3k25MUjtFSre8psbMl4S6ju5jJt0wRZWBeX8nJobVDAq9T89o6H_Pw7ZAxz3JgAQ2q5r2TYGV-K2Fq0xjzWeGVFddwPCbs4mqbFeHeR3XXC3uqR12GRdSu-YiBmYjborIFmiLlYKp9UzSJRSXsFLusE_oNmQ3ChFj1_jVq82Ut95pFiq6iGIjD0LMvJEXcL0pdLNNwR98SKNSLgeorloUdC5U4A50D3ozc8sZYirPc40QnI6c9tK2Ys0tcnoICN2791jmo51wO3tKXQotc900_B0ihpxUbN8QbetD-31a5glf-4uGzl2rgbv1GEUvtJG9g2llmoqBVtFz1APP9T8dO9y4zd7x0nLCsYrmdzqA4h1z52hEa7AJ6z8Cj0pgxj0F5IP_4rgUS1b3TNkrjeUjPz7JyEZWSUap368te0O1u_fHd9fV68gfhk0R_0UpkSh6L0Ym
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 507C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 20:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
24859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 20:08:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2F56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1259344902462092&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
log
onsite-tag-logs.apps.nielsen.com/ 		0
264 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://onsite-tag-logs.apps.nielsen.com/log
Requested by
Host: cdn.exelator.com
URL: https://cdn.exelator.com/build/static.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.214.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-214-218.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
server
nginx/1.20.1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://idsync.rlcdn.com/397416.gif?partner_uid=ce7da9c73a774fc176b4844d03a97e26
  • https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008gZDVVAdDLuk6iaHmtbL-2YFZZmSdhGlksXaNYa0Uug8
44 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008gZDVVAdDLuk6iaHmtbL-2YFZZmSdhGlksXaNYa0Uug8
Protocol
H2
Server
2600:9000:211c:5a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
via
1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
IaFoa0kzFiK2phg4VYUTFG86yyAegZ-pweqdehPvCkNtK5Kd9gX8gA==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Sun, 24 Dec 2023 03:02:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=us-liveramp&cg=Xc3008gZDVVAdDLuk6iaHmtbL-2YFZZmSdhGlksXaNYa0Uug8
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=ce7da9c73a774fc176b4844d03a97e26
  • https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=ce7da9c73a774fc176b4844d03a97e26&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=ce7da9c73a774fc176b4844d03a97e26&dcc=t
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EC6AYRREC22T8V8NS1W8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q5HXTTKSC1R4776DMNVK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=7be11c9c-3fd1-4409-a016-f23294a75c34&id=ce7da9c73a774fc176b4844d03a97e26&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
nmcsync.imrworldwide.com/ 		35 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmcsync.imrworldwide.com/?xuid=ce7da9c73a774fc176b4844d03a97e26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.139.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-139-132.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=31536000
max-age
0
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
content-type
image/gif
p3p
P3P policyref="http://nmcsync.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
35
expires
0
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=ce7da9c73a774fc176b4844d03a97e26&p_id=28539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
6
date
Sun, 24 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
f0f454566327a7d5
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
2dc252e3ed83a2586cb99b6fb6a506a4495c2811bb34b6cdc0ca1113d3802a28
content-length
43
generate_204
tpc.googlesyndication.com/ Frame 507C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zf9MVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhematologistsxoc.com%2F&domain=hematologistsxoc.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://hematologistsxoc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://hematologistsxoc.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 24 Dec 2023 03:02:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
228298
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=rQ7MDbbMtQCBp9Hg70BWfPq%2Fg8i0KMQKCOGHpeeF0rI%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=rQ7MDbbMtQCBp9Hg70BWfPq%2Fg8i0KMQKCOGHpeeF0rI%3D
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 03:02:32 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://hematologistsxoc.com
location
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=rQ7MDbbMtQCBp9Hg70BWfPq%2Fg8i0KMQKCOGHpeeF0rI%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhematologistsxoc.com%2F&domain=hematologistsxoc.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=n7PzvHxVS3IrMUNZWkZwMnRhWitXaWxDY3BCMGxnakVCY2FEaVlBajZJaVNzVFN4dzZ3TS9xWUhkRzRONnVEbGtJeW4rNFYrSDdiS2hxUmYvZDdub00zbkFCb1hjcVI0WjBjYS9oT1BCT29kYnl1TWFUaGczZC8vOTBRVU...
386 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=n7PzvHxVS3IrMUNZWkZwMnRhWitXaWxDY3BCMGxnakVCY2FEaVlBajZJaVNzVFN4dzZ3TS9xWUhkRzRONnVEbGtJeW4rNFYrSDdiS2hxUmYvZDdub00zbkFCb1hjcVI0WjBjYS9oT1BCT29kYnl1TWFUaGczZC8vOTBRVUNpVFZSanJyZzdQNFVGSjYzYUhrVXBSVCtXTVNiSm0ybGVXc3ZleDQzdWVJL3ZQWldaVUtDamlaRE42bFJoRkJkS0tCS0Q2ejl5a01IT1JsNDAwcVVZMDFFNkxsTlJiMmNhM2xES1MxSURTNjlpV1o0MzhsMEhuRFpxb01rdmQ1R3lrWHFwTjNCfA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f863c1b8d49efa3b6dcbbb14b32300b5d130ce0b0d4bf4c76ec6bfdffffe8e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
787835
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://hematologistsxoc.com
location
https://mug.criteo.com/sid?cpp=n7PzvHxVS3IrMUNZWkZwMnRhWitXaWxDY3BCMGxnakVCY2FEaVlBajZJaVNzVFN4dzZ3TS9xWUhkRzRONnVEbGtJeW4rNFYrSDdiS2hxUmYvZDdub00zbkFCb1hjcVI0WjBjYS9oT1BCT29kYnl1TWFUaGczZC8vOTBRVUNpVFZSanJyZzdQNFVGSjYzYUhrVXBSVCtXTVNiSm0ybGVXc3ZleDQzdWVJL3ZQWldaVUtDamlaRE42bFJoRkJkS0tCS0Q2ejl5a01IT1JsNDAwcVVZMDFFNkxsTlJiMmNhM2xES1MxSURTNjlpV1o0MzhsMEhuRFpxb01rdmQ1R3lrWHFwTjNCfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
562967
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
069a8cf7ef62a0cfe53356d85a2e4c637590043d8ea5af661cb23cc51a55be68

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hematologistsxoc.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 23 Jan 2024 03:02:33 GMT
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acd4e1a4cc300fed8d41672bc2a36a285a34568bb6c1091bf6e2eef0e699514

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
83a59b295a354bcd-BUF
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ 		0
0
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame F6B0
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
2 KB
1018 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
80c3e9eed58b949267fc61be1c0a5aba119cd91158c4f91bd0c9a7845321e736

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:22 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:22 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 7695
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
2 KB
1003 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
1e3e10ba8bb2039d986d1d9c340a62d791c473994cbad4d87ee36bdba39c5ca4

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:22 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:22 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
sync
pre.ads.justpremium.com/v/1.0/t/ Frame DD21 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a9o7031703386950056
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.24.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-24-130.compute-1.amazonaws.com
Software
/
Resource Hash
a1b75468e11a9979078d7799f8776ddc818fd9143a16485a29daf500ef2f44c7

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D73 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 24 Dec 2023 03:02:33 GMT
ETag
"623de86a-cf34"
Expires
Mon, 25 Dec 2023 03:02:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame B021 		784 B
791 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6ce4dbb258635f3a68ec50b8cbd187c0990e2e4fcf2aef91db9cfde32bbbaf57

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
487
content-type
text/html
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame A3F0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-249.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 24 Dec 2023 03:02:33 GMT
ETag
"623de86a-cf34"
Expires
Mon, 25 Dec 2023 03:02:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame 55D9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a389b5b17d684ffceb433518602681283a96f4bec24fca5111e60f664b8766

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b28dd0c39ef-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
0
last-modified
Tue, 19 Dec 2023 10:33:53 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
isyn
prebid.a-mo.net/ Frame 16CE 		2 KB
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=Cs8BShRoZW1hdG9sb2dpc3RzeG9jLmNvbVILYWFzLTllMWI4MzBaCHBiYTEuMy4yahRoZW1hdG9sb2dpc3RzeG9jLmNvbfoBBjcuMzUuMOgCAYgDxr6erAaoA1rqAyRmYzQ5YzRkYy05OWY0LTQxNDMtOGM2Zi0xNGQ3Y2U0ZTQ1MDOqBANEQ0iyBQNVU0TSBQkxMDUxOTkzNTjYBQDgBQDqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHFGhlbWF0b2xvZ2lzdHN4b2MuY29t4AcB
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b68ebbcf2878ae7c6646c7b9585a199ab5f78605868382e65e0cbd97b5dd2f6d

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
633
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:32 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
usync.html
eus.rubiconproject.com/ Frame 8740 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 03:02:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 43B0 		2 KB
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=Cs8BShRoZW1hdG9sb2dpc3RzeG9jLmNvbVILYWFzLTllMWI4MzBaCHBiYTEuMy4yahRoZW1hdG9sb2dpc3RzeG9jLmNvbfoBBjcuMzUuMOgCAYgDxr6erAaoA1rqAyQ1ZWRjMzRhOS1kNDMwLTQwMmEtOTJjMC00Mjc1Y2MwNTgxNGWqBANEQ0iyBQNVU0TSBQkxMDUxOTkzNTjYBQDgBQDqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHFGhlbWF0b2xvZ2lzdHN4b2MuY29t4AcB
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b68ebbcf2878ae7c6646c7b9585a199ab5f78605868382e65e0cbd97b5dd2f6d

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
633
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA42 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168387
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Tue, 26 Dec 2023 01:49:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EDA5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168387
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Tue, 26 Dec 2023 01:49:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame 2BE6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad11e0c0e278544cf9831ad673cf64518b4c5a72b2e3ad4e98bf8ee92b09e0d9

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b28ed2b39ef-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
0
last-modified
Tue, 19 Dec 2023 10:33:53 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
sync
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
c992927da546dc1e9870a5b94acc95bff95f724cb0a66a79d138db94ce5c236f

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1339
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 03:02:33 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame 9C52 		784 B
779 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6ce4dbb258635f3a68ec50b8cbd187c0990e2e4fcf2aef91db9cfde32bbbaf57

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
487
content-type
text/html
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422425422998
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422425422998
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=978477422425422998
Date
Sun, 24 Dec 2023 03:02:33 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=059f3da4-3b3c-4fba-83a2-f5b63c749cad&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=R3ItRnpMRnVuZzdpQWZ4cnNQeG14dw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESELQpZzNW81FjQV6IkSrV2CI&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oF42wijvagBY
49 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oF42wijvagBY
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=oF42wijvagBY
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-jtlhs
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=ZSfz20w6V599SbOcGzQRzmAJ-SQ
49 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ZSfz20w6V599SbOcGzQRzmAJ-SQ
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=ZSfz20w6V599SbOcGzQRzmAJ-SQ
Date
Sun, 24 Dec 2023 03:02:33 GMT
Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1168756271806296904
49 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1168756271806296904
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
0a1233b3-209d-4537-90b6-c74ad53125c3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=1168756271806296904
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c&google_hm=ODA2OTRhNjEtN2NlNS00MWVlLWI2NTEtZDAwYzVmMDRkZjlj
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECO4iizuybj-519XdAzOA4M&google_cver=1&ssp=sonobi&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=TevWFDYtx8ksdtnrnpanHSnJOdaVMA3At6SqisoFIOE&pi=sonobi&tc=1
49 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=TevWFDYtx8ksdtnrnpanHSnJOdaVMA3At6SqisoFIOE&pi=sonobi&tc=1
Protocol
H2
Server
2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=TevWFDYtx8ksdtnrnpanHSnJOdaVMA3At6SqisoFIOE&pi=sonobi&tc=1
pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT, Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=059f3da4-3b3c-4fba-83a2-f5b63c749cad
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=059f3da4-3b3c-4fba-83a2-f5b63c749cad
42 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=059f3da4-3b3c-4fba-83a2-f5b63c749cad
Protocol
H2
Server
18.210.32.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-32-32.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-073822bf1.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
14i0U5LBQi4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-0fcf68780.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Up+pb9XURFo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=059f3da4-3b3c-4fba-83a2-f5b63c749cad
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
ProfilesEngineServlet
api.intentiq.com/profiles_engine/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=116da9d98c&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=60b38027-9256-4e4c-9c17-a4e547150eb1&pubid=116da9d98c
  • https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=32c247a8-fb6c-4888-bea3-65495c6a7f20
0
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=32c247a8-fb6c-4888-bea3-65495c6a7f20
Protocol
H2
Server
13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-99.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 b759e26bde22770788987f2078515d9a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST, GET
access-control-allow-origin
https://hematologistsxoc.com/
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
7ULxhLxQg_cO2y3fawRE9OmHsJ57kPfZze5_1trtMkRiNMJMEDNMfQ==
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=32c247a8-fb6c-4888-bea3-65495c6a7f20
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame 16CE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=Cs8BShRoZW1hdG9sb2dpc3RzeG9jLmNvbVILYWFzLTllMWI4MzBaCHBiYTEuMy4yahRoZW1hdG9sb2dpc3RzeG9jLmNvbfoBBjcuMzUuMOgCAYgDxr6erAaoA1rqAyRmYzQ5YzRkYy05OWY0LTQxNDMtOGM2Zi0xNGQ3Y2U0ZTQ1MDOqBANEQ0iyBQNVU0TSBQkxMDUxOTkzNTjYBQDgBQDqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHFGhlbWF0b2xvZ2lzdHN4b2MuY29t4AcB
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 e01570337e8962613adb227d515f9a6e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
BOS50-P4
age
112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
83a59b29be834bd8-BUF
x-amz-cf-id
UN-M4PQd-8-WZo1VfBxZhuCdcynhXHtt-fN5xyVxJX4NX4URf_-FPQ==
expires
Sun, 24 Dec 2023 04:02:33 GMT
cframe.js
assets.a-mo.net/js/ Frame 43B0 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=Cs8BShRoZW1hdG9sb2dpc3RzeG9jLmNvbVILYWFzLTllMWI4MzBaCHBiYTEuMy4yahRoZW1hdG9sb2dpc3RzeG9jLmNvbfoBBjcuMzUuMOgCAYgDxr6erAaoA1rqAyQ1ZWRjMzRhOS1kNDMwLTQwMmEtOTJjMC00Mjc1Y2MwNTgxNGWqBANEQ0iyBQNVU0TSBQkxMDUxOTkzNTjYBQDgBQDqBQdkZXNrdG9w-gUEZGMxM6oHA3dlYsoHFGhlbWF0b2xvZ2lzdHN4b2MuY29t4AcB
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 e01570337e8962613adb227d515f9a6e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
BOS50-P4
age
112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
83a59b29be824bd8-BUF
x-amz-cf-id
UN-M4PQd-8-WZo1VfBxZhuCdcynhXHtt-fN5xyVxJX4NX4URf_-FPQ==
expires
Sun, 24 Dec 2023 04:02:33 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 55D9 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83a59b2999634bd3-BUF
jp
rtb.gumgum.com/usync/ Frame 217C 		2 KB
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a9o7031703386950056
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.78.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-78-89.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a841d030d439d620dbcab2aa60c5c4e9f4ede705ad2851d0e04640718aaa2a69

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 24 Dec 2023 03:02:33 GMT
etag
W/"0687b535b9fe693b9132f34ecd9637800"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame DD21
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&us_privacy=
  • https://match.justpremium.com/match/gg?jp_uid=r-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407&ex_uid=u_811c0878-b6df-4b3b-8127-4905eac05e44
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407&ex_uid=u_811c0878-b6df-4b3b-8127-4905eac05e44
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a9o7031703386950056
Protocol
H2
Server
34.204.24.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-24-130.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407&ex_uid=u_811c0878-b6df-4b3b-8127-4905eac05e44
date
Sun, 24 Dec 2023 03:02:33 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
cookie_sync
elb.the-ozone-project.com/ Frame 55D9 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cb98a16c3230bd052fc1b12868bd89e1ef68d13691087ef7a893b339c440c4a

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a59b295dc139ef-YYZ
expires
0
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 2BE6 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83a59b2999644bd3-BUF
cookie_sync
elb.the-ozone-project.com/ Frame 2BE6 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30efee01525dfbd0eb7b9abbd13b0b39fbb343066831891df6d29728ced3b21

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83a59b297deb39ef-YYZ
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
ff6745039b57997690ae4c88a43a1d0650a1cff8e9214f152245b587fdf7f689
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1259344902462092&bg=!-vml-bbNAAY3kmNgF5I7ADQBe5WfOIgI69NXKr3qBdbLLMpqPrDcii6rR81-KWwX-V1wtVa0_UEG1m44NRY_8vtFPU7fAgAAAGVSAAAABWgBB5kC9wbbJ1vph7zTQ_yGGie2hSaYHgro-BYoXtAUuL-ul2avyUY8X8DU-19ELoCA8Yan3NV9yGCZOK0coSaI5pXGXuwaqgup7k1fTD9dJH5cPBbbFXfk7w2_CcVpK2u1bHQ_UH1wGa-2xu2XZUNjU9mcn1X8OrwPWfx0Jh4JzMKDQqYKgQBk_h6KXJWJ27RTIj7PQElEccq8uA_FaEU7FUcHuElDPn1pu38oxo3iqQz6DrBXxS6Kcxn2gp_9HC7BVApxZfGx0KJd6ly1HXTK74V6WbLmej8LSncFnjRfxraDNGfScsObR1wb8jTDwNqQf-eyiAoSvndHEHNs1STxY4bxgZGeMqKcNPqgCBultdwAc_Fvrf0tB_9gO4GRGb1FTmF4L6eWR08SAgAoA2g3b0FVnjR4x2TZXzXMYXZBGFYDNykA_w6-hTAc20Asl0v-GuTVDwL-JL5iYErAUH4PkxYedOzmNS9o9sVWiDiBLjMxbON01WmvMfw3LTXo015ZNIOlgbKPT9HbxlS8ahkjKpuXbWfsxYOkTearlGdy8aNryo2NQ1CWJTOwIJZfrNCzi1q2rSIXcjeNIXxKa99hlDV6mVouizExR9XhmoZxySLPsK_Mm5KQD-5s7WLviGnlK0brXGRLbLaZUlVNGCwgd8kPw6xBHMqHrA2qB2nU8VURuDrFm87MG_WKxrirRoe-1hnJcRaAngEVsv7msXtaU4xSq8vgAkxscqUD95OvkKx5Oc-6KdgV-WnOTu58EU82UXH3NYBxv9VL8Ob30JUeq48zmZ0BpE4NnFCl2oH6tZcYzfAYtm4j3efEUgHULC8szAvsaPWmBxZnGQ8SKZmIqutQchaaCFPTCQ6mFFjMUuPAFVkk2KMS3pxYE9bXRlYbK8cRiS0kRktNfTebcM8wevfNP3dSPX5ge8q3PRp5lhGDqL7PkhBVDOcd6sFx5raM6fqcIXcoO9WOORia5oFuU-XU67h1s_nWLhpDYkinoYEE-5M-yROxaEpQvQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 8740 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:33 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32261
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 12:00:14 GMT
setuid
elb.the-ozone-project.com/ Frame 55D9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A&gdpr=0
0
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2a1eac39ef-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A&gdpr=0
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 6D73 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
c7b5666e-4caa-42a4-ac34-e0181afaba49
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FA42 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4803864&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9b2950f5c9ea56705c30d4597cdbe0bab9d36428dd5827cbf42bcd25dfdb8aa6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=n7PzvHxVS3IrMUNZWkZwMnRhWitXaWxDY3BCMGxnakVCY2FEaVlBajZJaVNzVFN4dzZ3TS9xWUhkRzRONnVEbGtJeW4rNFYrSDdiS2hxUmYvZDdub00zbkFCb1hjcVI0WjBjYS9oT1BCT29kYnl1TWFUaGczZC8vOTBRVUNpVFZSanJyZzdQNFVGSjYzYUhrVXBSVCtXTVNiSm0ybGVXc3ZleDQzdWVJL3ZQWldaVUtDamlaRE42bFJoRkJkS0tCS0Q2ejl5a01IT1JsNDAwcVVZMDFFNkxsTlJiMmNhM2xES1MxSURTNjlpV1o0MzhsMEhuRFpxb01rdmQ1R3lrWHFwTjNCfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 24 Dec 2023 03:02:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
251933
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 8740 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8bab65602db075726861004da5629947
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 00B9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168387
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Tue, 26 Dec 2023 01:49:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame B021
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B021
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3495483585301946031
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3495483585301946031
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3495483585301946031
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame B021 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=05c75df0-60f3-cfb3-3363-10ea808c2046
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N56CBCT6NJXT0KAM9YYY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B021
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame B021 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzE3ZWYyNDctYjUyZS0yYWVkLWU2OGQtYzhjNDIyNWQyNWM2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B021
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=60b38027-9256-4e4c-9c17-a4e547150eb1&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=60b38027-9256-4e4c-9c17-a4e547150eb1&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=60b38027-9256-4e4c-9c17-a4e547150eb1&dongle=0cfd&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzE5OTU2NTE3MTY2NTcyOTUyMTEx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIazyVxRyJLC8IHDCz-_Vfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIazyVxRyJLC8IHDCz-_Vfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIazyVxRyJLC8IHDCz-_Vfk&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B2A7
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzE5OTU2NTE3MTY2NTcyOTUyMTEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzE5OTU2NTE3MTY2NTcyOTUyMTEx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzE5OTU2NTE3MTY2NTcyOTUyMTEx
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame B2A7 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=719956517166572952111&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F0D732A09C7E48858A327D0D26999914 Ref B: EWR311000101021 Ref C: 2023-12-24T03:02:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNOK5G2WRRb3S5soCGkQ==
xuid
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/719956517166572952111?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-AfWCAzVE2oQzXGHZZIN5G61qeoZF6rqwu1Zr2oHflA--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-AfWCAzVE2oQzXGHZZIN5G61qeoZF6rqwu1Zr2oHflA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-AfWCAzVE2oQzXGHZZIN5G61qeoZF6rqwu1Zr2oHflA--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=719956517166572952111&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=triplelift&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=a340ea5d-5402-4eab-bedb-772822b89e8c&ssp=triplelift&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://eb2.3lift.com/xuid?mid=2409&xuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=80694a61-7ce5-41ee-b651-d00c5f04df9c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame B2A7 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
171302
expires
Sun, 24 Dec 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame B2A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1168756271806296904&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1168756271806296904&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
2e5cd56f-eae5-430b-b2f5-0b18dc370e6c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=1168756271806296904&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame B2A7 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=719956517166572952111
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
b90afd15-0d16-42e4-91a7-6788dac318fc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A3F0 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
2b261e90-1e17-4c75-9291-a9038e3953ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C52
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=YpSRNW3HnTd5w59hYJeEOmfDymF5xZlhNcKOpuNX
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 9C52
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5535339530113223752
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5535339530113223752
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5535339530113223752
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9C52 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=05c75df0-60f3-cfb3-3363-10ea808c2046
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ESRK13CZHZ3ME2MR5QN8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C52
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=5d11218d-7c59-7449-f36d-927de8bfeba6&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 9C52 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzE3ZWYyNDctYjUyZS0yYWVkLWU2OGQtYzhjNDIyNWQyNWM2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=e28d7acf-93a0-46c9-a8ec-e3ef1912fa28&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFLiAcMbLOuxFadd6PdY_WI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 217C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1168756271806296904
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1168756271806296904
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
eb9ef724-49a1-43e9-b9cd-2da1d7ef2dcb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=1168756271806296904
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 217C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_4ff7abeb-fa34-449c-829d-7b6a6149b18d&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=83bc2694-b8ec-454a-9ca1-f36621b68b35&expires=1&user_group=5&ssp=gumgum2&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 217C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=aa2c85fd-544c-4c1f-9416-829020efeae0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=aa2c85fd-544c-4c1f-9416-829020efeae0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=aa2c85fd-544c-4c1f-9416-829020efeae0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 217C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36
Date
Sun, 24 Dec 2023 03:02:33 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 217C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VA2LgTpE2pf4y5eB1T2uKlVCNsSPtTKgcdc1~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-VA2LgTpE2pf4y5eB1T2uKlVCNsSPtTKgcdc1~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-VA2LgTpE2pf4y5eB1T2uKlVCNsSPtTKgcdc1~A
content-length
0
usersync
usersync.gumgum.com/ Frame 217C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=3bfe154f-c2ab-4098-9374-4fce5cae1094
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=3bfe154f-c2ab-4098-9374-4fce5cae1094
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=3bfe154f-c2ab-4098-9374-4fce5cae1094
Date
Sun, 24 Dec 2023 03:02:33 GMT
Connection
keep-alive
X-CI-RTID
afc81a43-ffab-4015-b97e-aaed56dc2497
Content-Length
108
Content-Type
text/html; charset=utf-8
258.json
id5-sync.com/g/v2/ 		624 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
b162724bde31d6315b7f4ce1e98eca03d12b7ac222626130f863df4c930cd250
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hematologistsxoc.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hematologistsxoc.com
date
Sun, 24 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usersync
usersync.gumgum.com/ Frame F380
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6834136095838192859&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6834136095838192859&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6834136095838192859&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame D1DE 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV80ZmY3YWJlYi1mYTM0LTQ0OWMtODI5ZC03YjZhNjE0OWIxOGQ=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B6C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168387
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Tue, 26 Dec 2023 01:49:00 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame D223
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=60b38027-9256-4e4c-9c17-a4e547150eb1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=60b38027-9256-4e4c-9c17-a4e547150eb1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Sun, 24 Dec 2023 03:02:33 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=60b38027-9256-4e4c-9c17-a4e547150eb1
server
Kestrel
usersync
usersync.gumgum.com/ Frame 766F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZYefScCo8YMAAAVjPmYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZYefScCo8YMAAAVjPmYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:34 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 03:02:33 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZYefScCo8YMAAAVjPmYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1010.dc4p.scaleout.jp
X-SO-IP
96.9.249.36
X-SO-Key
ZYefScCo8YMAAAVjPmYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.36","key":"ZYefScCo8YMAAAVjPmYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1010"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1010
setuid
elb.the-ozone-project.com/ Frame 55D9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=60b38027-9256-4e4c-9c17-a4e547150eb1
0
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=60b38027-9256-4e4c-9c17-a4e547150eb1
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2ba8ca39ef-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=60b38027-9256-4e4c-9c17-a4e547150eb1
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
215
idl.js
assets.a-mo.net/js/ Frame 43B0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=hematologistsxoc.com&e=27&uid=34d9000b-9205-4125-a9cc-fdcb37030b38
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
JFK52-P2
age
436
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
83a59b2b8f414bd8-BUF
x-amz-cf-id
mBgkEkEConb3KmbGjZdbcA9yzUZUSAuY4CHkGbeqmyb-kwFU49iszg==
expires
Sun, 24 Dec 2023 04:02:33 GMT
usync.html
eus.rubiconproject.com/ Frame 1A6B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://prebid.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 03:02:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 03:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=34d9000b-9205-4125-a9cc-fdcb37030b38&gdpr=0&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=80694a61-7ce5-41ee-b651-d00c5f04df9c&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=MzAxYmQ2MjcxM2Q5NWZjNw&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=1---
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame 43B0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=34d9000b-9205-4125-a9cc-fdcb37030b38
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=amx_com&uid=34d9000b-9205-4125-a9cc-fdcb37030b38
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=amx_com&uid=34d9000b-9205-4125-a9cc-fdcb37030b38
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=amx_com&uid=34d9000b-9205-4125-a9cc-fdcb37030b38
date
Sun, 24 Dec 2023 03:02:33 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
cookie
cm.adform.net/ Frame 43B0 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dadform%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5535339530113223752
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dpubmatic%26uid%3DDF95D64B-0F5A-4194-9...
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3Fus_privacy%3D1---%26A%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us...
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=index_rtb&uid=ZYefSehwxCOfO0YynO09kgAA%261378
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=index_rtb&uid=ZYefSehwxCOfO0YynO09kgAA%261378
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4Bo%2Bl3UjGr4jLnLBxDrs%2FyBtKnv5wUOSSOYdfRR01VhDrxwFYErAhZtJPxVlnqMB8wYlMR2Tk4b9RYNxzOI%2FD41Sle3UvLA5cqduMqMA4LHl6YqrK3ET3F70ri2RGbRDTnPAEwI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=index_rtb&uid=ZYefSehwxCOfO0YynO09kgAA%261378
cache-control
no-cache
cf-ray
83a59b2c7cbc54d9-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=sovrn&uid=H31WhBZHGoaNboL8TIe4PwDm
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=sovrn&uid=H31WhBZHGoaNboL8TIe4PwDm
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sun, 24 Dec 2023 03:02:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=sovrn&uid=H31WhBZHGoaNboL8TIe4PwDm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 43B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=appnexus&uid=1168756271806296904
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=appnexus&uid=1168756271806296904
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
1f11081d-8ea7-4dd5-8c7e-c0af4054d4b8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=appnexus&uid=1168756271806296904
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 43B0 		0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=34d9000b-9205-4125-a9cc-fdcb37030b38&do=hematologistsxoc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame 43B0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=34d9000b-9205-4125-a9cc-fdcb37030b38&do=hematologistsxoc.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
3b41efb1-ba67-4d1e-866c-633ad6fcab16
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame 2BE6
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
0
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2c79d639ef-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=64cfae42-c5c6-47a0-98e1-526869e4292b
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
dcm
s.amazon-adsystem.com/ Frame 655A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DF95D64B-0F5A-4194-9DAD-94E25614560D&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KVN9GVNE5P8H709M5XFR
ImgSync
image8.pubmatic.com/AdServer/ Frame 9E15
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCd0wwN0xEejhBQUJiRl9wVEt2UQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AAFBcU7LDz8AABLjZUYDPQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AAFBcU7LDz8AABLjZUYDPQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFBcU7LDz8AABLjZUYDPQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFBcU7LDz8AABLjZUYDPQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8286368670581380728&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFBcU7LDz8AABLjZUYDPQ&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 24 Dec 2023 03:02:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 16:58:55 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 25D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1168756271806296904&gdpr=0&gdpr_consent=
42 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1168756271806296904&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
593b0612-bbd7-4e46-8791-6c90633886c3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1168756271806296904&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
141
match.deepintent.com/usersync/ Frame 5E28 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 1904 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4541-YYZ
x-timer
S1703386954.605014,VS0,VE21
Pug
simage2.pubmatic.com/AdServer/ Frame ED18
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=eec4f6cbab7d85460597b4e4ea93a9b7&expires=30&ssp=pubmatic&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
184 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 03:02:33 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
/
onetag-sys.com/match/ Frame 9EB0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nad7uZL0d7uG8HXtn6RutpjwIO2G9nPtyvGpy3D1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8fd0bb6d-ba1b-4a12-af15-18ba8edaac46&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame EA02
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e278fba4-a208-11ee-ae5d-8536e7367e78
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e278fba4-a208-11ee-ae5d-8536e7367e78
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 16:46:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=e278fba4-a208-11ee-ae5d-8536e7367e78
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-5
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=35XWSw9aQZSdrZTiVhRWDQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
23.56.163.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=168387
accept-ranges
bytes
content-length
5622
expires
Tue, 26 Dec 2023 01:49:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame FA42
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=DF95D64B-0F5A-4194-9DAD-94E25614560D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=DF95D64B-0F5A-4194-9DAD-94E25614560D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame FA42 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20DF95D64B-0F5A-4194-9DAD-94E25614560D&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame FA42 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame FA42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REY5NUQ2NEItMEY1QS00MTk0LTlEQUQtOTRFMjU2MTQ1NjBE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6bcf3bce-e561-4471-802a-4dd2b55aa055&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:31 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame FA42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHFuzquKDeIeTLLle0Rkujc&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:45c78ba2-30c1-4260-8e97-1ae1950b655c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
setuid
prebid.a-mo.net/ Frame FA42
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D34d9000b-9205-4125-a9cc-fdcb37030b38%26bidder%3Dpubmatic%26uid%3DDF95D64B-0F5A-4194-9...
  • https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=34d9000b-9205-4125-a9cc-fdcb37030b38&bidder=pubmatic&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame FA42
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
42 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
355
DF95D64B-0F5A-4194-9DAD-94E25614560D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FA42 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DF95D64B-0F5A-4194-9DAD-94E25614560D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:d869:2cda:ed4:54bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame FA42
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-luf3QPdE2uV6S6IiQteTk3OsVsnE9qU-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-luf3QPdE2uV6S6IiQteTk3OsVsnE9qU-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-luf3QPdE2uV6S6IiQteTk3OsVsnE9qU-~A&gdpr=0
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame FA42
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4f0cb74bcce005a7&is_secure=true&networkId=17100&version=1&nuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACR7ytneWC4wMQKDXrAAAAAAA&expiration=1703473354&nuid=DF95D64B-0F5A-4194-9DAD-94E25614560D&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ Frame FA42
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f2734658-000b-4255-94b4-86713de7e47a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sn.ashx
pmp.mxptint.net/ Frame FA42
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10E2C7E3A_9602646D&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-386391753; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-386391753; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sat, 23 Dec 2023 17:00:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame FA42 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.109.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-109-62.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FA42
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4301131125610587739&gdpr=0&gdpr_consent=&us_privacy=
1 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4301131125610587739&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 16:56:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4301131125610587739&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame FA42
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4fcf7faa-f51c-4b8c-9a8f-57b9600041ed-65879f49-5553&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4fcf7faa-f51c-4b8c-9a8f-57b9600041ed-65879f49-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4fcf7faa-f51c-4b8c-9a8f-57b9600041ed-65879f49-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
elb.the-ozone-project.com/ Frame 55D9
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H31WhBZHGoaNboL8TIe4PwDm
0
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H31WhBZHGoaNboL8TIe4PwDm
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2c79d739ef-YYZ
content-length
0
expires
0

Redirect headers

Date
Sun, 24 Dec 2023 03:02:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=H31WhBZHGoaNboL8TIe4PwDm
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
883ce9e2-e145-4071-a2fe-d542b5710eff
https://prebid.a-mo.net/ Frame 43B0 		181 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/883ce9e2-e145-4071-a2fe-d542b5710eff
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
133406ba48f5c008aab6f263151a8cd6cba1cdccbbc0ba20bd277fb9d180597a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
181
Content-Type
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 03:02:33 GMT
setuid
px.ads.linkedin.com/ Frame 8740
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIWLYW6-H-DTN2
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIWLYW6-H-DTN2
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B08CE9C7F34248BDA2AEA9922DB3F9FF Ref B: EWR311000101021 Ref C: 2023-12-24T03:02:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYNOK5MRlZZxBvGgV9EaQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQIWLYW6-H-DTN2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8740
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFJV0xZVzYtSC1EVE4y
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECMKp8ey_PV1sfivqpxxKBo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJV0xZVzYtSC1EVE4y&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJV0xZVzYtSC1EVE4y&google_push=
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFJV0xZVzYtSC1EVE4y&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8740
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=&expires=30
42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=&expires=30
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 8740
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjFjNjE3OGY1Yjk3ZjVmNWIwMWNiYjExZmVkYTI1MDFjZWU5YTI3YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjFjNjE3OGY1Yjk3ZjVmNWIwMWNiYjExZmVkYTI1MDFjZWU5YTI3YQ
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjFjNjE3OGY1Yjk3ZjVmNWIwMWNiYjExZmVkYTI1MDFjZWU5YTI3YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8740 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CZ2524652VXACV12SR05
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8740
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQIWLYW6-H-DTN2&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQIWLYW6-H-DTN2&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8AYNBRKZJ07KH36TPG6Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQIWLYW6-H-DTN2&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8740
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Bj4Af8fikmacxJL9VMWrpw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QsWKBoZE2oLKALp9QIzI6avxxAmq4wQjVn_7EA--~A
42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QsWKBoZE2oLKALp9QIzI6avxxAmq4wQjVn_7EA--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QsWKBoZE2oLKALp9QIzI6avxxAmq4wQjVn_7EA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8740
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7eIGJVXeSzGh8qIarhNPsw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eIGJVXeSzGh8qIarhNPsw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eIGJVXeSzGh8qIarhNPsw
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MV7ZDYRJ94BHQP8CYZQQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eIGJVXeSzGh8qIarhNPsw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8740
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKLobj47TQUONk9mZ8Gjov4&google_cver=1
42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKLobj47TQUONk9mZ8Gjov4&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKLobj47TQUONk9mZ8Gjov4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8740
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFBcU7LDz8AABLjZUYDPQ&expires=30
42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFBcU7LDz8AABLjZUYDPQ&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFBcU7LDz8AABLjZUYDPQ&expires=30
Date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 8740
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQIWLYW6-H-DTN2&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQIWLYW6-H-DTN2&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1CSWNkT1NWRTJ1SGd1MlpobVhlSmFJU2FBV2VJWFJHa35B&ovsid=LQIWLYW6-H-DTN2&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1CSWNkT1NWRTJ1SGd1MlpobVhlSmFJU2FBV2VJWFJHa35B&ovsid=LQIWLYW6-H-DTN2&dpid=58160
Protocol
H2
Server
104.126.119.89 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-119-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 24 Dec 2023 03:02:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 24 Dec 2023 03:02:34 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1CSWNkT1NWRTJ1SGd1MlpobVhlSmFJU2FBV2VJWFJHa35B&ovsid=LQIWLYW6-H-DTN2&dpid=58160
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
receive
pixel.tapad.com/idsync/ex/ Frame 8740
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIWLYW6-H-DTN2
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIWLYW6-H-DTN2
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQIWLYW6-H-DTN2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 8740
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQIWLYW6-H-DTN2
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2&ripv6=2602:ffc8:2:104::12
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2&ripv6=2602:ffc8:2:104::12&ckls=true&ci=fsjNOJRpbg&nc=false&trid...
43 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2&ripv6=2602:ffc8:2:104::12&ckls=true&ci=fsjNOJRpbg&nc=false&trid=1166611941
Protocol
H2
Server
18.173.219.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-12.jfk52.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Eu1w86QtxhrCHskuO-lPHM4NEZngkp_O1pPyoKGocnQ-kOkMJjnZ4g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQIWLYW6-H-DTN2&ripv6=2602:ffc8:2:104::12&ckls=true&ci=fsjNOJRpbg&nc=false&trid=1166611941
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
pSSQQclSg9cI4HJNReFvcaqsryedRdVxrCYrJJbMy_Uksy5zMRsU1Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 8740
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2
Protocol
H2
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
3ca0b41d-c708-453d-a037-712644b61510
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8740
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&expires=30
42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&expires=30
Date
Sun, 24 Dec 2023 03:02:33 GMT
Connection
keep-alive
X-CI-RTID
d360407b-0e41-470c-9a30-e7cc8f75c505
Content-Length
144
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 8740
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQIWLYW6-H-DTN2
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQIWLYW6-H-DTN2
Protocol
HTTP/1.1
Server
63.251.86.49 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQIWLYW6-H-DTN2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
usync.js
eus.rubiconproject.com/ Frame 1A6B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:33 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32261
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 12:00:14 GMT
fed
ups.analytics.yahoo.com/ups/58771/ Frame 43B0 		316 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=34d9000b-9205-4125-a9cc-fdcb37030b38
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=hematologistsxoc.com&e=27&uid=34d9000b-9205-4125-a9cc-fdcb37030b38
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
fbfbd2165b06d7d429ff83fec50c4358ba82526013092377e6cec2d89696cf62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prebid.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://prebid.a-mo.net
content-type
application/json
access-control-allow-credentials
true
getsync
ads.servenobid.com/ Frame 766D
Redirect Chain
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dhttps%25...
  • https://ads.servenobid.com/sync?pid=312&uid=1168756271806296904&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
  • https://ads.servenobid.com/getsync?jp=1&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsy...
  • https://ad.turn.com/r/cs?pid=45&rndcb=8715551654
  • https://sync.1rx.io/usersync/turn/4301131125610587739?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-00...
  • https://ads.servenobid.com/sync?pid=321&uid=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-p...
  • https://ads.servenobid.com/getsync?jp=2&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
  • https://ads.servenobid.com/sync?pid=317&uid=3789845405557970657&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid%25...
  • https://ads.servenobid.com/getsync?jp=3&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%...
  • https://ads.servenobid.com/sync?pid=353&uid=3463885546634072000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetuid...
  • https://ads.servenobid.com/getsync?jp=4&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%25...
  • https://ads.servenobid.com/sync?pid=310&uid=H31WhBZHGoaNboL8TIe4PwDm&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dhttps%253A%252F%252Felb.the-ozone-project.com%252Fsetu...
  • https://ads.servenobid.com/getsync?jp=5&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
0
0
setuid
elb.the-ozone-project.com/ Frame 2BE6
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZYefSehwxCOfO0YynO09kgAA%261378
0
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZYefSehwxCOfO0YynO09kgAA%261378
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2d8b2e39ef-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skMeMtfADGF4Ceb4i8NHYyh%2BskbTR%2FE%2BY56UNVIUokIVOhw7soMA8fyINLCZmJyFWqUnLtzi%2FPPbWHWOMM8fNtJ1Z2l44NmeHmOLwB8It6uawK0ZiJ6FhcgXxzmy0aPcExT8glb8"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZYefSehwxCOfO0YynO09kgAA%261378
cache-control
no-cache
cf-ray
83a59b2d3d9a36a2-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
khaos.json
token.rubiconproject.com/ Frame 1A6B 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQIWLYW6-H-DTN2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 1A6B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&khaos=LQIWLYW6-H-DTN2
  • https://prebid.a-mo.net/setuid/magnite?uid=LQIWLYW6-H-DTN2
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQIWLYW6-H-DTN2
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQIWLYW6-H-DTN2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
usync.html
eus.rubiconproject.com/ Frame 6532
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 03:02:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 03:02:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame C461 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
c60b0583559b6e949440d4b8fdfd15f756b6ca7adb1e3f0b426307bfa4384ab1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1697
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame 7695
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1168756271806296904&gdpr=0&gdpr_consent=
95 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1168756271806296904&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
an-x-request-uuid
4ae7e132-807c-4c03-889e-8febabf9d032
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=1168756271806296904&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/ Frame 7695
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_I...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_...
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
access-control-allow-origin
*
date
Sun, 24 Dec 2023 03:02:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/ Frame F6B0
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_I...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_...
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
95 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=3b613cb4-75dd-4618-bbba-ff26a23f8deb
access-control-allow-origin
*
date
Sun, 24 Dec 2023 03:02:34 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/ Frame F6B0
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
95 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
date
Sun, 24 Dec 2023 03:02:34 GMT
content-length
0
/
sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/ Frame F6B0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=0471c56c-752b-4a57-8d10-1zz1703386942
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=richaudience&user_id=PkHxDkULn_TZPyOIw0i20
  • https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_ps=
95 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_ps=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
//sync.richaudience.com/697a8452aebbe5875da0878cfaf3d0d0/?uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_ps=
Date
Sun, 24 Dec 2023 03:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/ Frame F6B0
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=0471c56c-752b-4a57-8d10-1zz1703386942&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euco...
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F441%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/441/8/2.gif?puid=u_811c0878-b6df-4b3b-8127-4905eac05e44&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/286/124/7/3.gif?puid=3b613cb4-75dd-4618-bbba-ff26a23f8deb&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/2/6/4.gif?puid=1168756271806296904&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F434%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/286/434/5/5.gif?puid=32c247a8-fb6c-4888-bea3-65495c6a7f20&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F796%2F4%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/286/796/4/6.gif?puid=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=1168756271806296904&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/286/1246/3/7.gif?puid=H31WhBZHGoaNboL8TIe4PwDm&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F2%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/286/429/2/8.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F108%2F1%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/286/108/1/9.gif?puid=eb47532c-e479-4bde-8a8c-0a2391166c17&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AAFBcU7LDz8AABLjZUYDPQ&id5AccountNum=155&numCascadesAllowed=9
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A
95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5168118996&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:24 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A
date
Sun, 24 Dec 2023 03:02:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
syncframe
gum.criteo.com/ Frame 78C1 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hematologistsxoc.com
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hematologistsxoc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:33 GMT
server
Kestrel
server-processing-duration-in-ticks
426469
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.134.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Dec 2023 03:02:33 GMT
setuid
elb.the-ozone-project.com/ Frame 2BE6
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2e4c2b39ef-YYZ
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Date
Sun, 24 Dec 2023 03:02:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sid
mug.criteo.com/ Frame 78C1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hematologistsxoc.com&sn=ChromeSyncframe&so=3&topUrl=hematologistsxoc.com&bundle=Ug83Ql9NbCUyQkJ3VEI0VWo4bkc5eTlxZ2RpejZXMXJ3NTlUTXFSQmFJSG...
  • https://mug.criteo.com/sid?cpp=Wx8303xJWXFib281L1lZa2U0QkpZSTFBdW90OCttL2pza1pqRXdDRzFyRWsyMEcrY1lNOWxoZW4wSTdyOVlBWkREeVR5R2I3VTRZREZqaENoVjJPbGFKejlwNVFnczFuODBPT1VSdHhBYTZ3TGRQcFlzajRqSnFITTR0ek...
478 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Wx8303xJWXFib281L1lZa2U0QkpZSTFBdW90OCttL2pza1pqRXdDRzFyRWsyMEcrY1lNOWxoZW4wSTdyOVlBWkREeVR5R2I3VTRZREZqaENoVjJPbGFKejlwNVFnczFuODBPT1VSdHhBYTZ3TGRQcFlzajRqSnFITTR0ekFuWlNsUkxQYWJBL1pQMit3WmV2YnRTemVzWUZSUzVOZ09FbU1sMzVhWDFjdjVJV0ZJSkx6NmtBbWh1eE9zU0lHVjRTQlB0M1JjZE5vb09kVUFwWjArVWs3T2thT0czY2VNajVQSU0xOXFJbkkvc21hTHh3YVJpalJDb0dUUmpWcnNzcVNEZW1ycTdkM0ZYT2hnNnhSWHFnUnVLTWJuRzBMZ3Jaa3lwKzFpWWV0RjR3THB3dz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8f010a2aa97a7826905dae4ebfb88adbd1c1792f164bb42b5867d8601f9156dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3404441
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Wx8303xJWXFib281L1lZa2U0QkpZSTFBdW90OCttL2pza1pqRXdDRzFyRWsyMEcrY1lNOWxoZW4wSTdyOVlBWkREeVR5R2I3VTRZREZqaENoVjJPbGFKejlwNVFnczFuODBPT1VSdHhBYTZ3TGRQcFlzajRqSnFITTR0ekFuWlNsUkxQYWJBL1pQMit3WmV2YnRTemVzWUZSUzVOZ09FbU1sMzVhWDFjdjVJV0ZJSkx6NmtBbWh1eE9zU0lHVjRTQlB0M1JjZE5vb09kVUFwWjArVWs3T2thT0czY2VNajVQSU0xOXFJbkkvc21hTHh3YVJpalJDb0dUUmpWcnNzcVNEZW1ycTdkM0ZYT2hnNnhSWHFnUnVLTWJuRzBMZ3Jaa3lwKzFpWWV0RjR3THB3dz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
364214
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 6532 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:33 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32261
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 12:00:14 GMT
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
MT3 1237 600843f master ord ord-pixel-x49 config_version:"146"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Dec 2023 03:02:33 GMT
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
an-x-request-uuid
20dcd32f-4834-4806-97f6-f6cd9debfb2f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=d1f57e1b756ada72b8e9a692e2bd67af&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=d1f57e1b756ada72b8e9a692e2bd67af&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=d1f57e1b756ada72b8e9a692e2bd67af&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703386954496099-54
tap.php
pixel.rubiconproject.com/ Frame C461 		42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
155
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C461
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGORxcKBDwOSWzZVqDMErMpiix6Bc6Zw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGORxcKBDwOSWzZVqDMErMpiix6Bc6Zw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGORxcKBDwOSWzZVqDMErMpiix6Bc6Zw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
date
Sun, 24 Dec 2023 03:02:33 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C461
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3446R2YG8XWYHT3R9A4G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:34 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-jtlhs
expires
-1
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=796602abc3a607c7&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP9AMEyzLYAAAAAAA&expiration=1703473354
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP9AMEyzLYAAAAAAA&expiration=1703473354
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP9AMEyzLYAAAAAAA&expiration=1703473354
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
date
Sun, 24 Dec 2023 03:02:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:34 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame C461
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=9471ba49-594e-5366-929b-275bf71cb811&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 24 Dec 2023 03:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/b68d15d845168591d6416f7692d01261/ Frame C461 		95 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/b68d15d845168591d6416f7692d01261/?uid=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY&gdpr=0&euconsent=${GDPR_CONSENT}
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
khaos.json
token.rubiconproject.com/ Frame 6532 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LQIWLYW6-H-DTN2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
setuid
elb.the-ozone-project.com/ Frame 2BE6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dozone%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=ozone&user_id=k-9i3GmK57mI_Qh2LnBRm7bWjw-4e2DYab-xsBgw&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=0&gdpr_consent=&us_privacy=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=0&gdpr_consent=&us_privacy=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b2fae5d39ef-YYZ
content-length
0
expires
0

Redirect headers

Location
//elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=0&gdpr_consent=&us_privacy=&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Date
Sun, 24 Dec 2023 03:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame 6532
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LQIWLYW6-H-DTN2
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQIWLYW6-H-DTN2&gdpr=0
95 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQIWLYW6-H-DTN2&gdpr=0
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4518969610&rd=1
Protocol
H2
Server
157.90.211.246 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 24 Dec 2023 03:02:22 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LQIWLYW6-H-DTN2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
pbs-iframe
pbs-cs.yellowblue.io/ Frame 746E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9af3a19a632d38ce4e1d9ad3e3db69f85a92161d798a2f200492c22e3d6e1f75

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://elb.the-ozone-project.com/
content-type
text/html
date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
x-envoy-upstream-service-time
5
async_usersync
ib.adnxs.com/ Frame 6D73 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
an-x-request-uuid
202129bb-0d6a-49b5-89e9-e3f19cae0100
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A3F0 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
an-x-request-uuid
23d5cf99-6b0b-41a6-bcdd-913d84eec18f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs.yellowblue.io/cs?aid=11576&id=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
104
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs.yellowblue.io/cs?aid=11592&uid=oF42wijvagBY&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11592&uid=oF42wijvagBY&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.yellowblue.io/cs?aid=11592&uid=oF42wijvagBY&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-jtlhs
expires
-1
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11596&id=1168756271806296904&gdpr=0&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11596&id=1168756271806296904&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
an-x-request-uuid
2c8a7a79-1058-43ef-98aa-232d2e5a9b30
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.yellowblue.io/cs?aid=11596&id=1168756271806296904&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs.yellowblue.io/cs?aid=115667&uid=32c247a8-fb6c-4888-bea3-65495c6a7f20
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=115667&uid=32c247a8-fb6c-4888-bea3-65495c6a7f20
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-154
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.yellowblue.io/cs?aid=115667&uid=32c247a8-fb6c-4888-bea3-65495c6a7f20
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs.yellowblue.io/cs?aid=11563&id=b5113d1b-abb6-490c-b82a-ceefc9163fe5
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11563&id=b5113d1b-abb6-490c-b82a-ceefc9163fe5
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Sun, 24 Dec 2023 03:02:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.yellowblue.io/cs?aid=11563&id=b5113d1b-abb6-490c-b82a-ceefc9163fe5
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
  • https://cs.yellowblue.io/cs?aid=11585&id=3463885546634072000V10
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11585&id=3463885546634072000V10
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 03:02:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cs.yellowblue.io/cs?aid=11585&id=3463885546634072000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 24 Dec 2023 03:02:34 GMT
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs.yellowblue.io/cs?aid=11580&puid=212393167165331
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11580&puid=212393167165331
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.yellowblue.io/cs?aid=11580&puid=212393167165331
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
date
Sun, 24 Dec 2023 03:02:34 GMT
content-length
0
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=3789845405557970657&gdpr=0&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=3789845405557970657&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:35 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=3789845405557970657&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:35 GMT
content-length
0
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs.yellowblue.io/cs?aid=11571&id=36a7f0f4-caef-4256-9c65-efbae82ce7a6&gdpr_consent=null&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11571&id=36a7f0f4-caef-4256-9c65-efbae82ce7a6&gdpr_consent=null&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11571&id=36a7f0f4-caef-4256-9c65-efbae82ce7a6&gdpr_consent=null&gdpr=0
date
Sun, 24 Dec 2023 03:02:34 GMT
server
_
content-length
0
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6662495113
  • https://sync.1rx.io/usersync/tradedesk/60b38027-9256-4e4c-9c17-a4e547150eb1
  • https://sync.targeting.unrulymedia.com/csync/RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
date
Sun, 24 Dec 2023 03:02:34 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe0d5c5bf192b4ad4a84a8a9835314fed005
content-type
text/html
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=1e26a1572a169e52a2703326f6a29f37&gdpr_consent=&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=1e26a1572a169e52a2703326f6a29f37&gdpr_consent=&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=1e26a1572a169e52a2703326f6a29f37&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703386954495093-273
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c
Date
Sun, 24 Dec 2023 03:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 746E
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs.yellowblue.io/cs?aid=11584&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11584&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.yellowblue.io/cs?aid=11584&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
elb.the-ozone-project.com/ Frame 746E 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rise&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=HqeuqOZ-k
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b31187d39ef-YYZ
content-length
0
expires
0
/
onetag-sys.com/usync/ Frame E201 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
c3f45399393645e9e776071bd6efc09c05831a6648aa83c365d51c834b3e31eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pbs-cs.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1660
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame CAFE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pbs-cs.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Dec 2023 03:02:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Dec 2023 03:02:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LQIWLYW6-H-DTN2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=191d98afa9c8b70e9edb0757965e136&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=191d98afa9c8b70e9edb0757965e136&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=191d98afa9c8b70e9edb0757965e136&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1703386954554020-245
tap.php
pixel.rubiconproject.com/ Frame E201 		42 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E201
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGOuTz-nP1UBUOmpYLDXFV0Zelt961aQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGOuTz-nP1UBUOmpYLDXFV0Zelt961aQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjJnGOuTz-nP1UBUOmpYLDXFV0Zelt961aQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame E201
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TJzH23PleSyZwIHghBt2hY3oVukuxJuIuiLhCNU8oZ0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TJzH23PleSyZwIHghBt2hY3oVukuxJuIuiLhCNU8oZ0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9XK46MVV6Q918ANBZESX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TJzH23PleSyZwIHghBt2hY3oVukuxJuIuiLhCNU8oZ0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
MT3 1237 600843f master ord ord-pixel-x35 config_version:"146"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Dec 2023 03:02:33 GMT
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
an-x-request-uuid
f6985035-0658-42c8-b126-b44112976aa6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=1168756271806296904
x-proxy-origin
96.9.249.36; 96.9.249.36; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0c32439b-e436-47c4-908f-e5450afe98d4
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
  • https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUfc39824af1b143b68db7786ec1ef5df7
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
155
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3789845405557970657
date
Sun, 24 Dec 2023 03:02:33 GMT
content-length
0
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
date
Sun, 24 Dec 2023 03:02:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEMzt8_LAVP-ew0zUTlmsIXU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=oF42wijvagBY&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-db744d8c7-jtlhs
expires
-1
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=7e2a1a56304507c7&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP-ANBn5CEAAAAAAA&expiration=1703473354
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP-ANBn5CEAAAAAAA&expiration=1703473354
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACAhqVBHbP-ANBn5CEAAAAAAA&expiration=1703473354
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-PFDuQwlE2uGvdJGb4IMJgv6Buxhhg0B.o9aQUCw-~A
date
Sun, 24 Dec 2023 03:02:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
date
Sun, 24 Dec 2023 03:02:34 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame E201
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=92c3f4b2-9779-4b1b-b7f8-c8e2a9ef279a&ssp=onetag&expires=30&user_group=5&bsw_param=80694a61-7ce5-41ee-b651-d00c5f04df9c
  • https://onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=80694a61-7ce5-41ee-b651-d00c5f04df9c&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 24 Dec 2023 03:02:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame E201 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11581&id=SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
pixel
ps.eyeota.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?e_rc=1&pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
dcf2f500ddb6fd060f99ca8702adfd0062aa7e3b27bd40a327da801e752b3002

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Sun, 24 Dec 2023 03:02:34 GMT
Content-Length
1159
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usync.js
eus.rubiconproject.com/ Frame CAFE 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.78.81 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-78-81.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Dec 2023 12:00:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32260
Connection
keep-alive
Content-Length
13200
Expires
Sun, 24 Dec 2023 12:00:14 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-254.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://hematologistsxoc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sun, 24 Dec 2023 03:02:34 GMT
x-amzn-RequestId
ff62fc1a-6b9b-b899-a163-5d902c322eec
/
kinesis.us-east-1.amazonaws.com/ 		368 B
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.250.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-250-254.compute-1.amazonaws.com
Software
/
Resource Hash
0fc8e6c87cf18e0d73be8e864712f27d562cd7043e74d6e93bbfb480c691d533

Request headers

accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIA44GIABD5R4HPHNN2/20231224/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=554e1377657cb2cd1dcd996852239b3935cc1f101adeef40a53f58c229c85bff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9145209e41ddb8e7d7ed94533b06cf8d1de0f7584e5fd505a75dceaffb801719
Referer
https://hematologistsxoc.com/
X-Amz-Target
Kinesis_20131202.PutRecords
X-Amz-User-Agent
aws-sdk-js/2.387.0 callback
X-Amz-Date
20231224T030234Z

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sun, 24 Dec 2023 03:02:34 GMT
x-amzn-RequestId
c302403c-01f0-6ee4-9d03-e1b64659f891
Content-Length
368
x-amz-id-2
pyuJCwbdqmML14rgJnM/lD7IpdEs/84RtzabZNDJk67aUJsP69o2kB1vpTITEGSB5TwsktUO5XYPtKyH7/3z0JryPD/CkwcM
Content-Type
application/x-amz-json-1.1
khaos.json
token.rubiconproject.com/ Frame CAFE 		7 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQIWLYW6-H-DTN2
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5e07703167439847c6c49a939083c0fd
Expires
0
29539
tags.bluekai.com/site/ 		62 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29539?limit=1&id=2B5JUxhdV3ceUbaviytlQ3-j-64BBU72d3zbQjlM5otA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 24 Dec 2023 03:02:35 GMT
content-length
62
content-type
image/gif
qmap
sync.crwdcntrl.net/ 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.234.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-234-246.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.150
content-length
49
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=978477422425422998&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=978477422425422998&bid=omt9pi0
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:34 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=978477422425422998&bid=omt9pi0
Date
Sun, 24 Dec 2023 03:02:34 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/423476.gif?partner_uid=2R9EcIdUapuKrAooi9bGCcfOFZboXb2jW5vGgVd_0Dbo
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=08d75eeb-b11e-4229-ac14-128ed1248a7e
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=08d75eeb-b11e-4229-ac14-128ed1248a7e
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 24 Dec 2023 03:02:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=08d75eeb-b11e-4229-ac14-128ed1248a7e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
ps.eyeota.net/
Redirect Chain
  • https://ws.rqtrk.eu/pushpull?pid=6b6d3924-92d3-4998-bf20-3f75688546c0&dmp=6b6d3924-92d3-4998-bf20-3f75688546c0&uid=2KQ3TJ3jnucuzEH0LiJRzpMC1san_sDAmLdOpxesuTO8&cb=1703386954&src=www&type=100&return...
  • https://ps.eyeota.net/match?bid=m5ri0ru&uid=a7d849ba-207e-49d4-8e6c-a45229312952
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=m5ri0ru&uid=a7d849ba-207e-49d4-8e6c-a45229312952
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:34 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location
https://ps.eyeota.net/match?bid=m5ri0ru&uid=a7d849ba-207e-49d4-8e6c-a45229312952
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
0
expires
Sun, 24 Dec 2023 03:02:33 GMT
cs
cs.yellowblue.io/ Frame CAFE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LQIWLYW6-H-DTN2
  • https://cs.yellowblue.io/cs?aid=11590&id=LQIWLYW6-H-DTN2
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LQIWLYW6-H-DTN2
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D[PBS_UID]
Protocol
H2
Server
44.206.144.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-144-68.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LQIWLYW6-H-DTN2
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
86c92d2fca135435ceca5cadd19355a6
Expires
0
setuid
elb.the-ozone-project.com/ Frame 55D9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b3819c239ef-YYZ
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LQIWLYW6-H-DTN2&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame FA42 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
elb.the-ozone-project.com/ Frame 55D9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_pri...
  • https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0471c56c-752b-4a57-8d10-1zz1703386942
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0471c56c-752b-4a57-8d10-1zz1703386942
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b393b0d39ef-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=richaudience&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=0471c56c-752b-4a57-8d10-1zz1703386942
date
Sun, 24 Dec 2023 03:02:24 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pbs-user-sync
ads.stickyadstv.com/ Frame 6753 		353 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950674&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
9d6d98d33ec496cbd4b60713a2647fb1d6902c63601ba789b38e10284b6b1d74

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Date
Sun, 24 Dec 2023 03:02:35 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1703386955766068-252
pixie
jelly.mdhv.io/v4/ Frame 9955
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=191d98afa9c8b70e9edb0757965e136&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7315991477537956800&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAFBcU7LDz8AABLjZUYDPQ&dataProviderId=817&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MTkxZDk4YWZhOWM4YjcwZTllZGIwNzU3OTY1ZTEzNg==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB2JN6QtivaBiI7zdDvUdus&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Wviw1oMp1RheLa5&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1168756271806296904&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5191779&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720
  • https://jelly.mdhv.io/v4/pixie?
0
0
setuid
elb.the-ozone-project.com/ Frame 9A37 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=191d98afa9c8b70e9edb0757965e136
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b39ebd439ef-YYZ
content-length
0
date
Sun, 24 Dec 2023 03:02:35 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame 69D0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212393167165331
0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212393167165331
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b3a8c9a39ef-YYZ
content-length
0
date
Sun, 24 Dec 2023 03:02:35 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 24 Dec 2023 03:02:35 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://elb.the-ozone-project.com/setuid?bidder=33across&uid=212393167165331
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
setuid
elb.the-ozone-project.com/ Frame 2BE6
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_p...
  • https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b3b4daa39ef-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://elb.the-ozone-project.com/setuid?bidder=yieldmo&uid=3zV1cwwll1wlB5EWvjcY&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
elb.the-ozone-project.com/ Frame 2BE6
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=1UfPRnxS&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%...
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
83a59b3bdf6e39ef-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&uid=059d375e-d427-4900-b250-76702de8c33b&gdpr=0
date
Sun, 24 Dec 2023 03:02:36 GMT
content-length
0
pbs-user-sync
ads.stickyadstv.com/ Frame A8E0 		353 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b&publisherId=OZONEVEN0005&siteId=4204204279&cb=1703386950670&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
9d6d98d33ec496cbd4b60713a2647fb1d6902c63601ba789b38e10284b6b1d74

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Date
Sun, 24 Dec 2023 03:02:36 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1703386956210010-1199
pixie
jelly.mdhv.io/v4/ Frame 5C33
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/191d98afa9c8b70e9edb0757965e136?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-s2jtZUVE2oMaj.DJRcA3F3A.kfR8BHnFM9Y96TyO~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=60b38027-9256-4e4c-9c17-a4e547150eb1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1168756271806296904&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=229984&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdp...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=51f3fc79-6dbc-4c17-8d3e-c2df37f1f720
  • https://jelly.mdhv.io/v4/pixie?
0
0
setuid
elb.the-ozone-project.com/ Frame FE54 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=freewheelssp&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=191d98afa9c8b70e9edb0757965e136
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dfreewheelssp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D{viewerid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b3c892039ef-YYZ
content-length
0
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame EDA5 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31785596&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d3c460d58168d4a6be497aa958239fcf9a1e27dc1a08b79f50f909399158148b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 03:02:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
s.tribalfusion.com/z/ Frame 042F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83a59b3e68ec4bc3-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83a59b3d98b94bc3-BUF
content-type
text/html
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
342
Pug
image2.pubmatic.com/AdServer/ Frame 583B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477422425422998
42 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477422425422998
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 24 Dec 2023 03:02:36 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477422425422998
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame FACF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 16:58:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 24 Dec 2023 03:02:36 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 20F2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=a340ea5d-5402-4eab-bedb-772822b89e8c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D
42 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.68.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-68-127.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:36 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sat, 23 Dec 2023 16:28:59 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DF95D64B-0F5A-4194-9DAD-94E25614560D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 000B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pK69pCwk1RheLa5&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pK69pCwk1RheLa5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 16:59:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Dec 2023 03:02:36 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pK69pCwk1RheLa5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0d54aeb92cd13989b@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame C7A3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 16:58:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 03:02:35 GMT
expires
Sun, 24 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1251594
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pubmatic
ad.mrtnsvr.com/sync/ Frame 65F0 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame A89D
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUfc39824af1b143b68db7786ec1ef5df7
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUfc39824af1b143b68db7786ec1ef5df7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUfc39824af1b143b68db7786ec1ef5df7
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame C019
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=868629311101
42 B
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=868629311101
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=868629311101
Pug
simage2.pubmatic.com/AdServer/ Frame 4E0C
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
98 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 16:58:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 24 Dec 2023 03:02:36 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 5A65
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
42 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 16:56:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:36 GMT
Expires
Sun, 24 Dec 2023 03:02:35 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master ord ord-pixel-x57 config_version:"146"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2a116587-9f4a-4700-aed2-14e163937cf0&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 55A2
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=N_QqIGVzBdq97zLcTJ-HZQ
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=N_QqIGVzBdq97zLcTJ-HZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 24 Dec 2023 03:02:36 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=N_QqIGVzBdq97zLcTJ-HZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame CCA4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=383102425
  • https://sync.1rx.io/usersync3/mediamathtest/1508/2a116587-9f4a-4700-aed2-14e163937cf0?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 24 Dec 2023 03:02:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Sun, 24 Dec 2023 03:02:36 GMT
etag
RXe0d5c5bf192b4ad4a84a8a9835314fed005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame 7B8F 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame FA6B 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:36 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-30ed839ff0ab@version_1.579
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame E128 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 24 Dec 2023 03:02:36 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame E768
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 23 Dec 2023 16:58:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
Sat, 23 Dec 2023 03:02:36 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BF02334EE8324B91A71A305D942A5094&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 2643
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7566733561853016117&uid=Q756673356185301...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7566733561853016117
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7566733561853016117
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 23 Dec 2023 16:58:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=84881
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 24 Dec 2023 03:02:36 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7566733561853016117
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
insync
thrtle.com/ Frame EDA5
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=DF95D64B-0F5A-4194-9DAD-94E25614560D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=992ed80c-653e-41c3-b214-c0e12aadbea6
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=DF95D64B-0F5A-4194-9DAD-94E25614560D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=992ed80c-653e-41c3-b214-c0e12aadbea6
Protocol
H2
Server
50.19.110.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-110-14.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 24 Dec 2023 03:02:36 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=DF95D64B-0F5A-4194-9DAD-94E25614560D&vxii_pid=12&vxii_pid1=10067&vxii_rcid=992ed80c-653e-41c3-b214-c0e12aadbea6
date
Sun, 24 Dec 2023 03:02:36 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame EDA5 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame EDA5 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.240.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-240-135.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame EDA5 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.146.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-146-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 24 Dec 2023 03:02:36 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FA42 		692 B
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68397514&p=159234&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3041011590f4551637b4ffcb57039a03dbcf1f4bf5867422da99128562cacbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 24 Dec 2023 03:02:36 GMT
content-length
692
content-type
text/html; charset=UTF-8
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame FA42 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-58.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:36 GMT
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
content-length
0
x-amz-cf-id
0VtTxPD77ytA73xfONZYuLkG_ZXg6zJnrrWoXtbVg0UJC40IwNZRCg==
x-cache
Error from cloudfront
362358.gif
idsync.rlcdn.com/ Frame FA42
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESENZA6eFZGfW-3kj1NDWzWzk&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENZA6eFZGfW-3kj1NDWzWzk&google_cver=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENZA6eFZGfW-3kj1NDWzWzk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=DF95D64B-0F5A-4194-9DAD-94E25614560D/gdpr=0/ Frame FA42 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=DF95D64B-0F5A-4194-9DAD-94E25614560D/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.234.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-234-246.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.57.255
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FA42 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=DF95D64B-0F5A-4194-9DAD-94E25614560D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
setuid
elb.the-ozone-project.com/ Frame 4A2B 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b3e3da739ef-YYZ
content-length
0
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
usersync
usersync.gumgum.com/ Frame F92F 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:36 GMT
Expires
0
Pragma
no-cache
setuid
elb.the-ozone-project.com/ Frame 9402 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83a59b3ef80339ef-YYZ
content-length
0
date
Sun, 24 Dec 2023 03:02:36 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
usersync
usersync.gumgum.com/ Frame 04E0 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=DF95D64B-0F5A-4194-9DAD-94E25614560D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:36 GMT
Expires
0
Pragma
no-cache
SPug
simage4.pubmatic.com/AdServer/ Frame EDA5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159234&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
ps.eyeota.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?e_rc=2&pid=m51mh00&t=ajs&uid=user_2d474c46-c25c-412c-8ae0-f257d6a857cf_1703386948883
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
00d178ec82cd2224a3cffabcd14c98a6ad0b630ea69570d133fa862bc991eac6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Sun, 24 Dec 2023 03:02:39 GMT
Content-Length
1090
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=eyeota
  • https://ps.eyeota.net/match?bid=tpm4omv&uid=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=&gdpr_consent=
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=tpm4omv&uid=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:39 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?bid=tpm4omv&uid=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=&gdpr_consent=
Date
Sun, 24 Dec 2023 03:02:39 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
match
ps.eyeota.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=18c99c6265b-45260000010a500f&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3Dm51mh00
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=76692478080830854102662236212404619659&referrer_pid=m51mh00
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=6j5b2cv&uid=76692478080830854102662236212404619659&referrer_pid=m51mh00
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:39 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

dcs
dcs-prod-va6-2-v053-0f80eae11.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Sun, 24 Dec 2023 03:02:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
tnHHpjt9Sek=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://ps.eyeota.net/match?bid=6j5b2cv&uid=76692478080830854102662236212404619659&referrer_pid=m51mh00
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=2PGWBgxbMvo6Ha6WHZxdzRBsqK9W3vWsF3hYdsXIIlf8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 03:02:39 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=60b38027-9256-4e4c-9c17-a4e547150eb1&ttd_puid=eb47532c-e479-4bde-8a8c-0a2391166c17%2C%2C
date
Sun, 24 Dec 2023 03:02:39 GMT
server
Kestrel
content-length
359
match
ps.eyeota.net/
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1009
  • https://ps.eyeota.net/match?uid=5535339530113223752&bid=9gdtmu1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5535339530113223752&bid=9gdtmu1
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 24 Dec 2023 03:02:39 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 03:02:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://ps.eyeota.net/match?uid=5535339530113223752&bid=9gdtmu1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
59742
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY
  • https://i.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY&_li_chk=true&previous_uuid=cf9ca983164b42128a8a47508784042d
  • https://i6.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:d95e:cc8b:3e6d:5498 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hematologistsxoc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 24 Dec 2023 03:02:40 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/59742?bidder_id=220889&bidder_uuid=2woid7n5OErtfNBtKOfGlsX0lUduA2JK5AGMXrMnt3lY
Date
Sun, 24 Dec 2023 03:02:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
error
api.edkt.io/analytics/ 		0
137 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics/error
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Edkt-Load-Id
81243f32-e237-4ebc-9ca2-1d2ee17a7950
Referer
https://hematologistsxoc.com/
X-Edkt-Api-Key
64592fcd-3944-4c12-b4a7-252328e431a7
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Dec 2023 03:02:40 GMT
via
1.1 google
server
Google Frontend
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
cache-status
uncacheable
vary
Origin
access-control-max-age
86400
content-type
text/html
access-control-allow-origin
https://hematologistsxoc.com
x-cloud-trace-context
6fdaa9c8512e5cc590148b2ab3a5e37c
access-control-allow-credentials
true
cache-id
LGA-991dec68
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
error
api.edkt.io/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.edkt.io/analytics/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-edkt-api-key,x-edkt-load-id
Access-Control-Request-Method
POST
Origin
https://hematologistsxoc.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-edkt-api-key,x-edkt-load-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://hematologistsxoc.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-id
LGA-991dec68
cache-status
uncacheable
content-length
0
content-type
text/html
date
Sun, 24 Dec 2023 03:02:39 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
b12a6ea9d3bdb14a17435dd668500b31

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?attrep=f&attua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&atthead=t&attinj=t&attexp=none&lid=169&sdkv=h.3.609.1&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.609.1&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.2781963568256296&time=1703386951171&lid=43&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1703386951183&timeout=f&logid=0.2781963568256296&timediff=12&lid=43&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=top&lid=160&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqiwlz9h&c=7769102941617&slotId=3884551470808.5&eee=missing-element&bi=missing-id&faa=1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=303&lid=176&sdkv=h.3.609.1&e=44752711%2C44772139%2C44777649%2C44781409%2C44804291&id=ima_html5&c=3116342588206470&domain=cdn.playwire.com
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqiwlze8&c=7769102941617&slotId=3884551470808.5&uet=2&ghmsh_eids=44752711%2C44772139%2C44777649%2C44781409%2C44804291
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/getsync?jp=5&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

472 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| documentPictureInPicture undefined| $ function| jQuery object| PDFObject string| stickyAnythingBreakpoint object| a2a_config function| gtag object| dataLayer object| ramp string| _pwUserContentEncoding boolean| rampMinimal object| PageOS string| _pwGA4PageviewId object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath number| _pageViewSR boolean| _pageViewSampling boolean| _adImpressionSampling number| _adImpressionSR object| _pwLogger boolean| excludeMoat string| _pwKassandraVer boolean| _pwUserInCA number| _pwFpSampling string| _pwUserCC object| pwEdgeFlags object| pwEdgeYieldOptions object| tyche object| countVars object| a2a function| a2a_init string| disqus_shortname object| sticky_anything_engage object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet object| __pwpbjs__ object| webpackChunkpageos object| ggeac object| google_js_reporting_queue object| whatInput object| Foundation object| jQuery1124008209009365809616 function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery object| ai_front function| b64e function| b64d number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_run_970585888005 boolean| ai_js_code object| DISQUSWIDGETS undefined| disqus_domain object| pageos object| core object| regeneratorRuntime object| apstag object| lotame_sync_17138 object| o object| orgAssignedStyles string| orgInlineStyles number| checkElement function| ai_document_write string| selector_string object| __VM object| $listenerElement number| orgElementTop number| pushElementTop number| viewport number| adminBarHeight undefined| google_measure_js_timing function| lotameIsCompatible function| sync17138_aa function| sync17138_c undefined| sync17138_d undefined| sync17138_ba undefined| sync17138_e function| sync17138_f object| sync17138_h function| sync17138_ca function| sync17138_j function| sync17138_da object| sync17138_ object| sync17138_ga object| sync17138_v object| sync17138_oa object| sync17138_xa object| sync17138_ya function| sync17138_a function| sync17138_b function| sync17138_g function| sync17138_i function| sync17138_k function| sync17138_l function| sync17138_m function| sync17138_n function| sync17138_o function| sync17138_p function| sync17138_q function| sync17138_r function| sync17138_fa function| sync17138_ea function| sync17138_s function| sync17138_t function| sync17138_u function| sync17138_w function| sync17138_ha function| sync17138_ia function| sync17138_y function| sync17138_ja function| sync17138_z function| sync17138_A function| sync17138_x function| sync17138_B function| sync17138_ka function| sync17138_C function| sync17138_D function| sync17138_E function| sync17138_F function| sync17138_G function| sync17138_H function| sync17138_I function| sync17138_J function| sync17138_K function| sync17138_L function| sync17138_la function| sync17138_ma function| sync17138_na function| sync17138_M function| sync17138_N function| sync17138_pa function| sync17138_O function| sync17138_qa function| sync17138_ra function| sync17138_sa function| sync17138_P function| sync17138_ta function| sync17138_ua function| sync17138_va function| sync17138_wa function| sync17138_Q function| sync17138_R function| sync17138_za function| sync17138_S function| sync17138_T function| sync17138_U function| sync17138_V function| sync17138_Aa function| sync17138_W function| sync17138_X function| sync17138_Y function| sync17138_Z function| sync17138__ function| sync17138_0 function| sync17138_Ea function| sync17138_Ba function| sync17138_1 function| sync17138_Da function| sync17138_Ca function| sync17138_2 function| sync17138_3 function| sync17138_4 function| sync17138_5 function| sync17138_Ga function| sync17138_Ha function| sync17138_Ja function| sync17138_Fa function| sync17138_7 function| sync17138_Ia function| sync17138_La function| sync17138_Ka function| sync17138_8 function| sync17138_6 function| sync17138_9 function| sync17138_Ma function| sync17138_Na function| sync17138_Oa function| sync17138_Pa function| sync17138_$ function| sync17138_Qa function| sync17138_Ra function| sync17138_Sa function| sync17138_Ta object| _aps boolean| apstagLOADED object| apscustom undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_56349438 boolean| Moat#EVA object| moatPrebidApi object| lotame_sync_16576 object| cnvr_launcher_options function| clearImmediate function| setImmediate object| ats function| _xamzrequire object| AWS string| CustomerConnectAnalytics function| cca function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| webpackChunkTyche object| ID5 object| __id5_instances object| xl8_config object| _qevents object| conversant object| PublisherCommonId object| Tyche object| consoleHandler object| kinesis object| pbjs object| __pwhbjs object| _ccScriptSettings object| _ccLauncherSettings object| ContextualEngine boolean| eventOk function| ccao object| _ccReady object| _ccApiReady object| carbonApi object| carbon object| _pwBoltAB boolean| boltSampling number| boltSamplingRate boolean| __pwSpotxServerSampleRate string| BoltBaseURL string| __pwPageOSVersion string| __spotxVastVersion number| _pwBoltAdTimeout object| webpackJsonpBolt4 boolean| BoltDebugMode object| pageOSScript object| pageOSLoaded object| Bolt4 object| pogoClassification function| eyeota_callback function| nmc function| sendToNielsen function| quantserve function| __qc object| ezt object| _qoptions object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| BoltAdBlockDetector boolean| BoltGlobalIsLoading object| ZeusGA object| Bolt object| Zeus number| google_unique_id string| _carbonUID object| carbonUIDCache object| carbonReady object| edktInitializor object| _ccSettings object| ccRefresh function| callback object| publink_options object| coreid object| uponit object| Criteo object| sas object| apntag object| _ADAGIO object| _gat object| _gaq object| google_reactive_ads_global_state object| google_ad_modifications object| google_prev_clients object| GoogleGcLKhOms object| xl8img object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_134 object| Criteo_prebid_134 function| arrive function| unbindArrive function| leave function| unbindLeave

327 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQo-yYzskxCgoIkQIQo-yYzskxCgoItAIQo-yYzskxCgoI5gEQo-yYzskxCgoIhwIQo-yYzskxCgoItwIQo-yYzskxCgkIOhCj7JjOyTEKCgiMAhCj7JjOyTEKCQhfEKPsmM7JMQoJCB8Qo-yYzskx
.hematologistsxoc.com/ Name: _ga_QEJGXRZ2J3
Value: GS1.1.1703386947.1.0.1703386947.0.0.0
.hematologistsxoc.com/ Name: _ga
Value: GA1.1.1681994010.1703386948
.hematologistsxoc.com/ Name: _ga_8F83798HVT
Value: GS1.1.1703386948.1.0.1703386948.0.0.0
hematologistsxoc.com/ Name: usprivacy
Value: 1---
hematologistsxoc.com/ Name: ad_clicker
Value: false
hematologistsxoc.com/ Name: _pw_fingerprint
Value: %22c95e9ef2dabaab51a916d4b4a18c6b69%22
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d7a707b890c3e4ab6a28285f1ef6bfcb
hematologistsxoc.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.eyeota.net/ Name: mako_uid
Value: 18c99c6265b-45260000010a500f
.eyeota.net/ Name: SERVERID
Value: 20495~DM
.hematologistsxoc.com/ Name: _sharedid
Value: 8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b
.hematologistsxoc.com/ Name: _cc_id
Value: d7a707b890c3e4ab6a28285f1ef6bfcb
hematologistsxoc.com/ Name: _lr_geo_location
Value: US
hematologistsxoc.com/ Name: _lr_geo_location_state
Value: NY
hematologistsxoc.com/ Name: GLAM-JID
Value: e68011a275dc4f9faf664a6143deefd2
hematologistsxoc.com/ Name: GLAM-AID
Value: f90092d27ffd4bdbbdbd3fd779bbe59f
hematologistsxoc.com/ Name: GLAM-SID
Value: 0b405c49e8c44096a3dbf254ecc191db
hematologistsxoc.com/ Name: __j_state
Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fhematologistsxoc.com%2F%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%22274ef77f2a034549a11560d884af46e2%22%2C%22extreferer%22%3A%22https%3A%2F%2Fhematologistsxoc.com%2F%22%2C%22user_worth%22%3A0%7D
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDFPNDcwT7KwNEg2TjVJTDJLNLIwsjBNM0xNM0tKS05iAILU9vmuIBoKAGPuC0U%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIbZ%2FvCqSgAAAW3gHR"
.pippio.com/ Name: did
Value: HCy6f5Db20EfmyXg
.pippio.com/ Name: didts
Value: 1703386949
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CMW+nqwGEgYIgr0rEAA=
.agkn.com/ Name: ab
Value: 0001%3Av1p2eaAfyL9vogIkE6UHdomY%2FlqtHsRj
.hematologistsxoc.com/ Name: panoramaId_expiry
Value: 1703473349270
.hematologistsxoc.com/ Name: panoramaId
Value: fac01178818c102bd4a11c68d541a9fb927a3f79756eb2bcf56f99da16eb89a2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZYefRQAJNFXoKgBd
.adsrvr.org/ Name: TDID
Value: 60b38027-9256-4e4c-9c17-a4e547150eb1
.yahoo.com/ Name: A3
Value: d=AQABBEWfh2UCEEBfnlepC-iXXCq-vbVO4G4FEgEBAQHwiGWRZdxH0iMA_eMAAA&S=AQAAAiT2Pn-F3MwnqYxOzJZWIpE
.adnxs.com/ Name: uuid2
Value: 1168756271806296904
hematologistsxoc.com/ Name: playwirePageViews
Value: 1
.linkedin.com/ Name: li_sugr
Value: c63f001b-2e4b-4eae-8f56-6d1327dacc7d
.linkedin.com/ Name: bcookie
Value: "v=2&2e17e6dd-2790-4f62-8b0e-3162c35bbed4"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3133:u=1:x=1:i=1703386949:t=1703473349:v=2:sig=AQGkZECF3qmnjL0M93WPgPqwKHUitv9U"
.doubleclick.net/ Name: IDE
Value: AHWqTUmieSlqrBkS8gRgiayKtzFk5emsuB2MUpQSHDCjNz5R-TjbqedXrPho8A_MPco
.hematologistsxoc.com/ Name: __gads
Value: ID=1a254c9e649bf350:T=1703386949:RT=1703386949:S=ALNI_Mbc35GkgNZEzLV0buttwB5FxCL-zg
.hematologistsxoc.com/ Name: __gpi
Value: UID=00000a048a46ede6:T=1703386949:RT=1703386949:S=ALNI_MZrd3UoYS-ZO4U3dU1IUPysDe6hTQ
.quantserve.com/ Name: mc
Value: 65879f45-b6c46-83bcc-d0cac
.hematologistsxoc.com/ Name: __qca
Value: P0-1412044388-1703386949503
.ccgateway.net/ Name: ccuid
Value: 99a49291-143b-48b9-8305-0899021c365d
.ccgateway.net/ Name: ccsid
Value: 656b1859-7611-44a4-b23e-70f53d788f32
.justpremium.com/ Name: jpxumaster
Value: r-81b245c8-b240-474f-be94-eba145f25e4a-2067900-850775407
.justpremium.com/ Name: jpxsession
Value: r-c5b1ffd6-155b-4aa8-b2d4-501447a64ac8-2067900-850866874
.justpremium.com/ Name: jpxuuid
Value: r-712cecab-b6da-425e-bd07-0c56a76178d8-2067900-850898268
.justpremium.com/ Name: 82354_311983
Value: 0_0_0
.justpremium.com/ Name: 82354_311984
Value: 0_0_0
.justpremium.com/ Name: 82354_311985
Value: 0_0_0
.justpremium.com/ Name: 82354_311986
Value: 0_0_0
.justpremium.com/ Name: 82354_311987
Value: 0_0_0
.justpremium.com/ Name: 82354_311993
Value: 0_0_0
.cpx.to/ Name: cpSess
Value: 7b7e72feb9f76a5c
.cpx.to/ Name: dsp_app_nexus
Value: 1168756271806296904#1703386950202
.cpx.to/ Name: dsp_pub_common
Value: 8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b#1703386950202
.cpx.to/ Name: dsp_TTD
Value: abed8f56-b7f0-4ae7-b17f-4fa974ca40c7#1703386950202
.cpx.to/ Name: dsp_dbm
Value: CAESENdsrc8ODozBlthI4SWR5uU#1703386950210
.lijit.com/ Name: ljt_reader
Value: H31WhBZHGoaNboL8TIe4PwDm
.the-ozone-project.com/ Name: __cf_bm
Value: rqVh37aFeseUjXGr1X7mRWJ5af5xFciVJQj56H7PHSM-1703386950-1-AUUUnm0UZg6ETlPvhyaDh8FLPky7tPCvHiXsArXJuZ627Ejp+bJ7OJTSnPhS4mPT+3/sfOImAaVhZfJEgzPCVFs=
.rubiconproject.com/ Name: khaos
Value: LQIWLYW6-H-DTN2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DF95D64B-0F5A-4194-9DAD-94E25614560D
.go.sonobi.com/ Name: _usd_hematologistsxoc.com
Value: ccacdb6f-9c1f-4156-89d3-f0cedb24e95f
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uis
Value: 32c247a8-fb6c-4888-bea3-65495c6a7f20
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 30852150
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 30852150
.cpx.to/ Name: dsp_pubmatic
Value: DF95D64B-0F5A-4194-9DAD-94E25614560D#1703386950714
.prebid.a-mo.net/ Name: __amc
Value: 1_1703386950_1703386950
.openx.net/ Name: i
Value: 8ebd1ed4-d5de-4bbe-a9bb-5a958c98d85b|1703386950
.cpx.to/ Name: dsp_OPENX
Value: 7d982723-beab-4c4a-aa36-8af41c0e1948#1703386950849
.a-mo.net/ Name: amuid2
Value: 34d9000b-9205-4125-a9cc-fdcb37030b38
.prebid.a-mo.net/ Name: sd_amuid2
Value: 34d9000b-9205-4125-a9cc-fdcb37030b38
.exelator.com/ Name: EE
Value: "ce7da9c73a774fc176b4844d03a97e26"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE51Twl0TLZ3DjR3NwkLdnQ3CzJxMLEJMXAONHSPNXIbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252FzeQwAr%252FMqsw%253D%253D"
.amazon-adsystem.com/ Name: ad-id
Value: A7ODBT_9iUPgp_iZk72o8fY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.twitter.com/ Name: personalization_id
Value: "v1_HWk1Xi6JDnD0l27QtDZA+g=="
.imrworldwide.com/ Name: IMRID
Value: e1e0aca1-a208-11ee-b3ee-5be734639376
hematologistsxoc.com/ Name: _lr_retry_request
Value: true
hematologistsxoc.com/ Name: _lr_env_src_ats
Value: false
.33across.com/ Name: check
Value: true
.openx.net/ Name: pd
Value: v2|1703386953|gen0vNvQiygu
.contextweb.com/ Name: V
Value: oF42wijvagBY
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 51a1ef51e580da66
.3lift.com/ Name: tluid
Value: 719956517166572952111
.go.sonobi.com/ Name: __uir_td
Value: 132508983882073144
.go.sonobi.com/ Name: __uin_td
Value: 60b38027-9256-4e4c-9c17-a4e547150eb1
.go.sonobi.com/ Name: HAPLB8G
Value: s86154|ZYefT
.go.sonobi.com/ Name: __uir_an
Value: 132508983882073144
.go.sonobi.com/ Name: __uin_an
Value: 1168756271806296904
.bidswitch.net/ Name: tuuid
Value: 80694a61-7ce5-41ee-b651-d00c5f04df9c
.bidswitch.net/ Name: c
Value: 1703386953
.bidswitch.net/ Name: tuuid_lu
Value: 1703386953
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyMjEyBZKWlhZCfIa6xrmGaRXOeRFFzuWGAIxn4WUkAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyMjEyBZKWlhZCfIa6xrmGaRXOeRFFzuWGAIxn4WUkAAAA
.the-ozone-project.com/ Name: ozone_uid
Value: 2ZyGYafXq86ugjHCElD8YFI1K3v
.demdex.net/ Name: demdex
Value: 76692478080830854102662236212404619659
.gumgum.com/ Name: vst
Value: u_811c0878-b6df-4b3b-8127-4905eac05e44
.go.sonobi.com/ Name: __uir_zt
Value: 132508983882073144
.go.sonobi.com/ Name: __uin_zt
Value: 978477422425422998
.dpm.demdex.net/ Name: dpm
Value: 76692478080830854102662236212404619659
.go.sonobi.com/ Name: __uir_pp
Value: 132508983882073144
.go.sonobi.com/ Name: __uin_pp
Value: oF42wijvagBY
.justpremium.com/ Name: jpxumatched
Value: gg
.intentiq.com/ Name: intentIQCDate
Value: 1703386953464
.intentiq.com/ Name: IQver
Value: 1.9
.creativecdn.com/ Name: u
Value: e1dfkHSo4lrR2ko4nAD8
.creativecdn.com/ Name: g
Value: e1dfkHSo4lrR2ko4nAD8_1703386953466
.creativecdn.com/ Name: ts
Value: 1703386953
.adform.net/ Name: C
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCDJvp6sBjABOgQ8w7t9QgTH2LDl.XGP6G1lWId8EVC2%2FmEukBquQHt4GauD98IVpccKJIt0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIA6aZ4vuCx2nBAKR05hNlGSINleMY6S2JA3HlkyY6e_XEHwYBCDJvp6sBjABOgQ8w7t9QgTH2LDl.XGP6G1lWId8EVC2%2FmEukBquQHt4GauD98IVpccKJIt0
.go.sonobi.com/ Name: __uir_bw
Value: 132508988177040441
.go.sonobi.com/ Name: __uin_bw
Value: 80694a61-7ce5-41ee-b651-d00c5f04df9c
.adform.net/ Name: uid
Value: 5535339530113223752
.openx.net/ Name: univ_id
Value: 537072971|60b38027-9256-4e4c-9c17-a4e547150eb1|1703386953522976
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.quantserve.com/ Name: d
Value: EK0BEQHeKvijCJiTAA
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.go.sonobi.com/ Name: __uir_st
Value: 132508988177040441
.go.sonobi.com/ Name: __uin_st
Value: ZSfz20w6V599SbOcGzQRzmAJ-SQ
.ipredictive.com/ Name: cu
Value: 51f3fc79-6dbc-4c17-8d3e-c2df37f1f720|1703386953624
.hematologistsxoc.com/ Name: cto_bidid
Value: awRb1V9vTmR0c09SOXo3V2RzMDJ6QTRnNDhmVjJYYiUyQktYMWhSZ0hWYmw5MlE0ekpkREl0eUo2QWlFUCUyRjZwTmE3blhzcHVuQzBuMnZCM3V1ekh2YmlHaE9mcFFkeG5MVXVSVmx6eTFFcjZORHhKNTQlM0Q
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMzRkOTAwMGItOTIwNS00MTI1LWE5Y2MtZmRjYjM3MDMwYjM4IiwiZXhwaXJlcyI6IjIwMjQtMDEtMDdUMDM6MDI6MzMuNjM5NTI4NjIyWiJ9fX0=
.casalemedia.com/ Name: CMID
Value: ZYefSehwxCOfO0YynO09kgAA
.casalemedia.com/ Name: CMPS
Value: 1378
.casalemedia.com/ Name: CMPRO
Value: 1378
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1168756271806296904&KRTB&23339-1168756271806296904
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-60b38027-9256-4e4c-9c17-a4e547150eb1&KRTB&22918-60b38027-9256-4e4c-9c17-a4e547150eb1&KRTB&22926-60b38027-9256-4e4c-9c17-a4e547150eb1&KRTB&23031-60b38027-9256-4e4c-9c17-a4e547150eb1
.richaudience.com/ Name: pdid
Value: 0471c56c-752b-4a57-8d10-1zz1703386942
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nad7uZL0d7uG8HXtn6RutpjwIO2G9nPtyvGpy3D1&KRTB&19420-nad7uZL0d7uG8HXtn6RutpjwIO2G9nPtyvGpy3D1&KRTB&22979-nad7uZL0d7uG8HXtn6RutpjwIO2G9nPtyvGpy3D1&KRTB&23462-nad7uZL0d7uG8HXtn6RutpjwIO2G9nPtyvGpy3D1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHFuzquKDeIeTLLle0Rkujc&KRTB&23025-CAESEHFuzquKDeIeTLLle0Rkujc&KRTB&23386-CAESEHFuzquKDeIeTLLle0Rkujc
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&KRTB&23011-51f3fc79-6dbc-4c17-8d3e-c2df37f1f720&KRTB&23355-51f3fc79-6dbc-4c17-8d3e-c2df37f1f720
.go.sonobi.com/ Name: __uir_rh
Value: 132508988177040441
.go.sonobi.com/ Name: __uin_rh
Value: TevWFDYtx8ksdtnrnpanHSnJOdaVMA3At6SqisoFIOE
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.simpli.fi/ Name: suid
Value: BF02334EE8324B91A71A305D942A5094
.tapad.com/ Name: TapAd_TS
Value: 1703386953692
.tapad.com/ Name: TapAd_DID
Value: eb47532c-e479-4bde-8a8c-0a2391166c17
beacon.lynx.cognitivlabs.com/ Name: UID
Value: a340ea5d-5402-4eab-bedb-772822b89e8c
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.a-mx.com/ Name: amdt_t
Value: p::1703386953738
.a-mx.com/ Name: amuid2
Value: 34d9000b-9205-4125-a9cc-fdcb37030b38
.mxptint.net/ Name: mxpim
Value: R35CA5_10E2C7E3A_9602646D.1.000000000000000065879F49
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:BF02334EE8324B91A71A305D942A5094&KRTB&23486-uid:BF02334EE8324B91A71A305D942A5094&KRTB&23489-uid:BF02334EE8324B91A71A305D942A5094&KRTB&23539-uid:BF02334EE8324B91A71A305D942A5094
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5535339530113223752&KRTB&23263-5535339530113223752&KRTB&23481-5535339530113223752
.sitescout.com/ Name: ssi
Value: 4fcf7faa-f51c-4b8c-9a8f-57b9600041ed#1703386953745
.deepintent.com/ Name: CDIUSER
Value: di_25e24aad98744e9eb733c
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231224%22%7D
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: MzAxYmQ2MjcxM2Q5NWZjNw
.adstanding.com/ Name: _adstanding_id
Value: eec4f6cbab7d85460597b4e4ea93a9b7
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMzM4Njk1Mzc5Nn0
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA5_10E2C7E3A_9602646D&KRTB&23092-R35CA5_10E2C7E3A_9602646D
.adgrx.com/ Name: ADGRX_UID
Value: e278fba4-a208-11ee-ae5d-8536e7367e78
.bidr.io/ Name: bitoIsSecure
Value: ok
.nrich.ai/ Name: _nauid
Value: 83bc2694-b8ec-454a-9ca1-f36621b68b35
.richaudience.com/ Name: raibs
Value: 1
.bidr.io/ Name: bito
Value: AAFBcU7LDz8AABLjZUYDPQ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-4fcf7faa-f51c-4b8c-9a8f-57b9600041ed-65879f49-5553&KRTB&23418-4fcf7faa-f51c-4b8c-9a8f-57b9600041ed-65879f49-5553
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-80694a61-7ce5-41ee-b651-d00c5f04df9c
.turn.com/ Name: uid
Value: 4301131125610587739
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-e278fba4-a208-11ee-ae5d-8536e7367e78&KRTB&23275-e278fba4-a208-11ee-ae5d-8536e7367e78
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4301131125610587739&KRTB&23150-4301131125610587739&KRTB&23527-4301131125610587739
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: d0b968ed-ba22-41de-85f6-4f872e304264
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.socdm.com/ Name: SOC
Value: ZYefScCo8YMAAAVjPmYAAAAA
.id5-sync.com/ Name: id5
Value: 324d0a5e-2cfb-7198-b621-20487e1fdff6#1703386950310#4
.servenobid.com/ Name: pid_312
Value: 1168756271806296904
.adnxs.com/ Name: anj
Value: dTM7k!M40*fm^c0ghqdmU(3$!me[tG#?nI#J=#_59bx5u`_IZ@[7EYzZ8bqcXy0pgVEre_Z8bXRXvX=HMMq%t<QHH0J1CgXih77`5K*243NL(K`8=[rjQX)@4Ab..=Q]28=4dq95I-@N<5D[*GUiiY*V!pAuFlM$uTF??j.Q*4%4Xl)<Nf-a3I?.HXiY=O
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI3MTk5NTY1MTcxNjY1NzI5NTIxMTEiLCJleHBpcmVzIjoiMjAyNC0wMy0yM1QwMzowMjozM1oifSwiYW14Ijp7InVpZCI6IjM0ZDkwMDBiLTkyMDUtNDEyNS1hOWNjLWZkY2IzNzAzMGIzOCIsImV4cGlyZXMiOiIyMDI0LTAzLTIzVDAzOjAyOjMzWiJ9LCJydWJpY29uIjp7InVpZCI6IkxRSVdMWVc2LUgtRFROMiIsImV4cGlyZXMiOiIyMDI0LTAzLTIzVDAzOjAyOjMzWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTI0VDAzOjAyOjMzWiJ9
.criteo.com/ Name: partitioned_bundle
Value: lYhx8l9NbCUyQkJ3VEI0VWo4bkc5eTlxZ2Rpejd3VXM0QSUyRjRiNExQWU9iZmE1M2VlaVUlMkI3eHlkaGUlMkZsbSUyQk1GaWxWbEFoNHQlMkJVbGl4aiUyRkJKSSUyRkN4dG13SlZBRFpmbnRadGlrTXhQSW1hQ04xenBYS0gzV3BrTDNJalclMkJHdUpDTzlFcG5JY2RMZ3NITzZ2S2ZURHdYbHdwMFRGRyUyRndndFFobCUyQm5uWkVFc3RHd2xvYkhlS1laNlBqMkdOdUZQQkdCdXpGY00w
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_37
Value: d1a5caff-0e4d-3709-96b2-bf59fd39a77f
.technoratimedia.com/ Name: tads_uidp_44
Value: LQIW91EX-Y-1QI9
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 4923048449178627419
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AAACq-xtwUmc5gMAiKuMAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: ecb76dde-0f2f-4ac7-a159-da32e3bae102
.technoratimedia.com/ Name: tads_uidp_61
Value: 212267103217228
.technoratimedia.com/ Name: tads_uidp_62
Value: 3463879476634214000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: uH1_XJ-docYem8sIjBjfqZVlM0RGXT_2
.technoratimedia.com/ Name: tads_uidp_7
Value: f5b51567-b3ef-49c6-8690-259d83abc554
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFBcU7LDz8AABLjZUYDPQ
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-b62bb6d1-30aa-4319-9a57-5e181576ad32-005
.technoratimedia.com/ Name: tads_uidp_77
Value: 1s-Y-ljfmqU0YPZKXDfqkcr6rR0gOYCIc5GD9Jl4bKg
.technoratimedia.com/ Name: tads_uidp_79
Value: ebfe7a8a-6ab6-43cc-910d-ba9ed9965b9e
.technoratimedia.com/ Name: tads_uidp_80
Value: y-h5eXrehE2uFtMwt6w5NHYgWp10IPQq0Y~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZYeXcWLQdiQRGDzVu2KqbQAA&3524
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_88
Value: 1245476891038631275627
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uid
Value: A86D4DA215FB40F8BBC0EC13D800DDA9
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231007011547+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1693142250488
.hematologistsxoc.com/ Name: cto_bundle
Value: JA45Sl9NbCUyQkJ3VEI0VWo4bkc5eTlxZ2Rpejd3VXM0QSUyRjRiNExQWU9iZmE1M2VlaVUlMkI3eHlkaGUlMkZsbSUyQk1GaWxWbEFoNHQlMkJVbGl4aiUyRkJKSSUyRkN4dG13SlZBRFpmbnRadGlrTXhQSW1hQ04xenBYS0gzV3BrTDNJalclMkJHdUpDTzlFcG5JY2RMZ3NITzZ2S2ZURHdYbHdwMFRGR3lUSGNBJTJCRUlJRjM4NzZHZDRsJTJCdTZzJTNE
.360yield.com/ Name: tuuid_lu
Value: 1703386954
.360yield.com/ Name: tuuid
Value: 3b613cb4-75dd-4618-bbba-ff26a23f8deb
.richaudience.com/ Name: avcid-apn-uid
Value: 1168756271806296904
.sharethrough.com/ Name: stx_user_id
Value: 059d375e-d427-4900-b250-76702de8c33b
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cl~2fs3:19bl~2fs3:196y~2fs3:18z8~2fs3:18vk~2fs3:19e0~2fs3:194o~2fs3"
.primis.tech/ Name: csuuid
Value: 65879f4a0a6d9
.lijit.com/ Name: _ljtrtb_80
Value: LQIWLYW6-H-DTN2
.server.cpmstar.com/ Name: USER_ID
Value: %3eA%f1%0eE%0b%9f%f4%d9%3f%23%88%c3H%b6
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACR7ytneWC4wMQKDXrAAAAAAA&KRTB&22713-AAACR7ytneWC4wMQKDXrAAAAAAA&KRTB&22715-AAACR7ytneWC4wMQKDXrAAAAAAA&KRTB&23519-AAACR7ytneWC4wMQKDXrAAAAAAA
.adsby.bidtheatre.com/ Name: __kuid
Value: f2734658-000b-4255-94b4-86713de7e47a.472600954
.richaudience.com/ Name: avcid-ont-uid
Value: SuNLcDLYgOKaXJ1Yv6UKuLnRnDpS5QyZzrHcMms3TwY
.mathtag.com/ Name: uuid
Value: 2a116587-9f4a-4700-aed2-14e163937cf0
.hb.yahoo.net/ Name: visitor-id
Value: 3463885546634069000V10
.hb.yahoo.net/ Name: data-mag
Value: LQIWLYW6-H-DTN2~~63
.admanmedia.com/ Name: admtr
Value: 0c32439b-e436-47c4-908f-e5450afe98d4
.admanmedia.com/ Name: ac_r
Value: CS253
.richaudience.com/ Name: avcid-sht-uid
Value: 059d375e-d427-4900-b250-76702de8c33b
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 9471ba49-594e-5366-929b-275bf71cb811
.betweendigital.com/ Name: ss
Value: 1
.richaudience.com/ Name: avcid-rub-uid
Value: LQIWLYW6-H-DTN2
.richaudience.com/ Name: avcid-imd-uid
Value: 3b613cb4-75dd-4618-bbba-ff26a23f8deb
.betweendigital.com/ Name: ut
Value: ZYefSgAC3mAr_4H_6JY3EVE3I7qhmxs18_8Otw==
.360yield.com/ Name: um
Value: !79,GajxccrDtft-EgGP8ihjnrqtQ4jOboD.SNmnZQQlo.lteGA.mq5q8gddNClYpPNduOmDDZegbj7ynhdB,1711162954
.360yield.com/ Name: umeh
Value: !79,0,1765594954,-1
.richaudience.com/ Name: avcid-bsw-uid
Value: 80694a61-7ce5-41ee-b651-d00c5f04df9c
.intentiq.com/ Name: intentIQ
Value: fsjNOJRpbg
.adx.opera.com/ Name: UID
Value: OPUfc39824af1b143b68db7786ec1ef5df7
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFBcU7LDz8AABLjZUYDPQ
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 1611266340#1703386954331#0#1703386954331
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeksyNEVR
.yellowblue.io/ Name: wrvUserID
Value: HqeuqOZ-k
.smartadserver.com/ Name: pid
Value: 3789845405557970657
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFBcU7LDz8AABLjZUYDPQ
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1opy|4is.0.CAESELQpZzNW81FjQV6IkSrV2CI|7LJ.0.059f3da4-3b3c-4fba-83a2-f5b63c749cad|7dN.0.AAFBcU7LDz8AABLjZUYDPQ|8i8.0.1
.onetag-sys.com/ Name: OTP
Value: TJzH23PleSyZwIHghBt2hY3oVukuxJuIuiLhCNU8oZ0
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005%22%7D
.servenobid.com/ Name: pid_321
Value: RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
.dotomi.com/ Name: DotomiTest
Value: 7e2a1a56304507c7
.media.net/ Name: visitor-id
Value: 3463885546634072000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.ads.stickyadstv.com/ Name: UID
Value: 191d98afa9c8b70e9edb0757965e136
.yieldmo.com/ Name: yieldmo_id
Value: 3zV1cwwll1wlB5EWvjcY%7C1703376000000%7C0
.rqtrk.eu/ Name: browser_id
Value: 1:a7d849ba-207e-49d4-8e6c-a45229312952
.creative-serving.com/ Name: tuuid
Value: 92c3f4b2-9779-4b1b-b7f8-c8e2a9ef279a
.creative-serving.com/ Name: c
Value: 1703386954
.creative-serving.com/ Name: tuuid_lu
Value: 1703386954
.csync.loopme.me/ Name: viewer_token
Value: 36a7f0f4-caef-4256-9c65-efbae82ce7a6
.33across.com/ Name: 33x_ps
Value: u%3D212393167165331%3As1%3D1703386954728%3Ats%3D1703386954728
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_92
Value: 1168756271806296904
.servenobid.com/ Name: pid_317
Value: 3789845405557970657
.bluekai.com/ Name: bku
Value: Rl199W34CtUwPOXZ
.bluekai.com/ Name: bkpa
Value: KJy9xyYXd02pSUHknp/8BE18wthoqVk6wEWZSVx21A/NukPTSsHV1tBkPVJC5Zk85shH10N3nER6xAJPBpJA1loiDVoLEEPF5WWe9BcdaU6=
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.servenobid.com/ Name: pid_353
Value: 3463885546634072000V10
.lijit.com/ Name: ljtrtb
Value: eJyrVrIwULJS8gn0DPeJDDfT9dB1CfEzUtJRsjQCChsamlmYm5oZmRtaGJgZWZpZGpgo1QIANv4LjQ%3D%3D
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_310
Value: H31WhBZHGoaNboL8TIe4PwDm
.id5-sync.com/ Name: 3pi
Value: 2#1703386954431#1680591734#1168756271806296904|434#1703386954600#-1159324168|441#1703386954103#-1688358390#u_811c0878-b6df-4b3b-8127-4905eac05e44|155#1703386955419#1785710120#AAFBcU7LDz8AABLjZUYDPQ|124#1703386954267#-204021335|796#1703386954785#1667580031|108#1703386955264#417373595|429#1703386955102#129945287#DF95D64B-0F5A-4194-9DAD-94E25614560D|286#1703386953944#-798161907|1246#1703386954935#-1308245701
.rubiconproject.com/ Name: audit
Value: 1|bsP/6rZKOJpqQEYnURfvrs7GXbnsVidETdpKwLbgp/B+xL8LlrcUaNx+dFeUdUYZnK+aLML3gZDyUhTWCqUS/Easv6MpIV38rNMcRMwX7vZPFMrdked536ZsIlP80lOrknORSVj+yM2yqVI1k5poNA==
.richaudience.com/ Name: avcid-id5-uid
Value: ID5-eb169aptoi8Nucpox1hWh2u9NJK7Y9LynItIw30t0A
.fwmrm.net/ Name: _uid
Value: umo0447_7315991477537956800
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo0447_7315991477537956800
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo0447_7315991477537956800
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAFBcU7LDz8AABLjZUYDPQ
.pubmatic.com/ Name: SyncRTB3
Value: 1703980800%3A15_38_2_223%7C1705968000%3A224%7C1704672000%3A35%7C1704585600%3A243_81_71_5_234_238_165_54_46_104_233_250_3_21_240_7_214_220_48_22_13_264_56_231_99_96_166_178_176_55_8_249%7C1708560000%3A69%7C1704240000%3A63
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEB2JN6QtivaBiI7zdDvUdus
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-s2jtZUVE2oMaj.DJRcA3F3A.kfR8BHnFM9Y96TyO~A
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBsbGFmaWpmbGx8iwXBNzE1N18liuAbG5mYAgANVwnZMAAAAA
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiaxNDt2Y3CPBAFEhYKB3J1Ymljb24SCwisiu7u2Y3CPBAFEhQKBXRhcGFkEgsIhpOx79mNwjwQBRgBIAEoAjILCLyV57TwjcI8EAU4AVoJc3RpY2t5YWRzYAI.
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-978477422425422998
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ZSfz20w6V599SbOcGzQRzmAJ-SQ&KRTB&23334-ZSfz20w6V599SbOcGzQRzmAJ-SQ&KRTB&23417-ZSfz20w6V599SbOcGzQRzmAJ-SQ&KRTB&23426-ZSfz20w6V599SbOcGzQRzmAJ-SQ
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-a340ea5d-5402-4eab-bedb-772822b89e8c&KRTB&23340-a340ea5d-5402-4eab-bedb-772822b89e8c&KRTB&23498-a340ea5d-5402-4eab-bedb-772822b89e8c
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2a116587-9f4a-4700-aed2-14e163937cf0
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 60b38027-9256-4e4c-9c17-a4e547150eb1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 11
.pubmatic.com/ Name: DPSync3
Value: 1703462400%3A255_248%7C1704585600%3A261_201_263_258_256_262_260_259%7C1703980800%3A265%7C1704412800%3A257
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1703408556416
beacon.lynx.cognitivlabs.com/ Name: ss
Value: lPiiq6Bc8Eh6Uny4awBKQYMaHWmubq5lrccXtsWojaFeNrnBYsrphUff13O6JLcL1%2BqmdcuXCZodmio5q9WUvVBtdngZKtFuhbemCyTvskk%3D
.acuityplatform.com/ Name: auid
Value: 868629311101
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRiY4ZBSYmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYmOGQUmI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005%22%2C%22nxtrdr%22%3Afalse%7D
.ctnsnet.com/ Name: cid_7d21cf748fdc4c93aa9c8e6fb2d29882
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUfc39824af1b143b68db7786ec1ef5df7&KRTB&23485-OPUfc39824af1b143b68db7786ec1ef5df7&KRTB&23524-OPUfc39824af1b143b68db7786ec1ef5df7
.thrtle.com/ Name: mc
Value: eyJpZCI6Ijk5MmVkODBjLTY1M2UtNDFjMy1iMjE0LWMwZTEyYWFkYmVhNiIsImwiOjE3MDMzODY5NTY0NTksInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-868629311101&KRTB&23428-868629311101
.kargo.com/ Name: ktcid
Value: 5378f67f-2da8-070b-564c-3b5de7804297
.rlcdn.com/ Name: rlas3
Value: J8flZ6ZKYoQNiDaDuFRaTdICQc2MYTLfvHHNXaQblhI=
.rlcdn.com/ Name: pxrc
Value: CMW+nqwGEgUI6AcQABIFCOhHEAASBgi66gEQBxIGCLjrARAFEgYIlqwrEAM=
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7566733561853016117P
.owneriq.net/ Name: pmc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005&KRTB&17107-RX-e0d5c5bf-192b-4ad4-a84a-8a9835314fed-005
.bfmio.com/ Name: __187_cid
Value: DF95D64B-0F5A-4194-9DAD-94E25614560D
.bfmio.com/ Name: __io_cid
Value: a0b0dbcee911b879ee840e797e23a613c688c11e
.w55c.net/ Name: matchpubmatic
Value: 5
.w55c.net/ Name: wfivefivec
Value: Wviw1oMp1RheLa5
.w55c.net/ Name: matchfreewheel
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: axntuJsKBRhFmDqU69u8RqAJ9UZdZaAZb8YdGF43C07UWSbj0ZcYUBJaSg0aegy5h3CqbUMgBv7wYK5bZdTwGrTZcLZcv7Zc
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:pK69pCwk1RheLa5&KRTB&23421-uid:pK69pCwk1RheLa5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: Wviw1oMp1RheLa5
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyIzM2Fjcm9zcyI6eyJ1aWQiOiIyMTIzOTMxNjcxNjUzMzEiLCJleHBpcmVzIjoiMjAyNC0wMS0wN1QwMzowMjozNS45NTcxOTI5MjVaIn0sImJpZHN3aXRjaCI6eyJ1aWQiOiI4MDY5NGE2MS03Y2U1LTQxZWUtYjY1MS1kMDBjNWYwNGRmOWMiLCJleHBpcmVzIjoiMjAyNC0wMS0wN1QwMzowMjozNC4yMDMyMDQwNDJaIn0sImZyZWV3aGVlbHNzcCI6eyJ1aWQiOiIxOTFkOThhZmE5YzhiNzBlOWVkYjA3NTc5NjVlMTM2IiwiZXhwaXJlcyI6IjIwMjQtMDEtMDdUMDM6MDI6MzYuMjY4MDU1OTE1WiJ9LCJncmlkIjp7InVpZCI6IjgwNjk0YTYxLTdjZTUtNDFlZS1iNjUxLWQwMGM1ZjA0ZGY5YyIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDAzOjAyOjM0LjAwOTE1MDgwN1oifSwiaXgiOnsidWlkIjoiWlllZlNlaHd4Q09mTzBZeW5PMDlrZ0FBXHUwMDI2MTM3OCIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDAzOjAyOjMzLjg3MTcxMzJaIn0sIm9wZW54Ijp7InVpZCI6IjY0Y2ZhZTQyLWM1YzYtNDdhMC05OGUxLTUyNjg2OWU0MjkyYiIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDAzOjAyOjMzLjY5NDg2MzgzNVoifSwicHVibWF0aWMiOnsidWlkIjoiREY5NUQ2NEItMEY1QS00MTk0LTlEQUQtOTRFMjU2MTQ1NjBEIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDdUMDM6MDI6MzYuNjU5NzgwMzU5WiJ9LCJyaWNoYXVkaWVuY2UiOnsidWlkIjoiMDQ3MWM1NmMtNzUyYi00YTU3LThkMTAtMXp6MTcwMzM4Njk0MiIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDAzOjAyOjM1LjczNTM5NTMzNloifSwicmlzZSI6eyJ1aWQiOiJIcWV1cU9aLWsiLCJleHBpcmVzIjoiMjAyNC0wMS0wN1QwMzowMjozNC40MzM5MjE0MjhaIn0sInJ1Ymljb24iOnsidWlkIjoiTFFJV0xZVzYtSC1EVE4yIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDdUMDM6MDI6MzUuNTU5NjgwNTE5WiJ9LCJzaGFyZXRocm91Z2giOnsidWlkIjoiMDU5ZDM3NWUtZDQyNy00OTAwLWIyNTAtNzY3MDJkZThjMzNiIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDdUMDM6MDI6MzYuMTcwMDIxOTI3WiJ9LCJ0dGQiOnsidWlkIjoiNjBiMzgwMjctOTI1Ni00ZTRjLTljMTctYTRlNTQ3MTUwZWIxIiwiZXhwaXJlcyI6IjIwMjQtMDEtMDdUMDM6MDI6MzMuNTc0MDI3NjQ1WiJ9LCJ5YWhvb3NzcCI6eyJ1aWQiOiJ5LVBGRHVRd2xFMnVHdmRKR2I0SU1KZ3Y2QnV4aGhnMEIubzlhUVVDdy1-QSIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDAzOjAyOjMzLjMxMjI1OTUyMVoifSwieWllbGRtbyI6eyJ1aWQiOiIzelYxY3d3bGwxd2xCNUVXdmpjWSIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDAzOjAyOjM2LjA2NjA5NzY2N1oifX0sImJkYXkiOiIyMDIzLTEyLTI0VDAzOjAyOjMzLjMxMjI1Njg4MVoifQ==
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 1168756271806296904
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: 51f3fc79-6dbc-4c17-8d3e-c2df37f1f720
.c.appier.net/ Name: _auid
Value: N_QqIGVzBdq97zLcTJ-HZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-N_QqIGVzBdq97zLcTJ-HZQ
.pubmatic.com/ Name: PugT
Value: 1703386956
.pubmatic.com/ Name: SPugT
Value: 1703386958

45 Console Messages

Source Level URL
Text
other warning URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4379891692491416&output=html&h=90&slotname=8254753489&adk=1066506388&adf=3279755401&pi=t.ma~as.8254753489&w=728&lmt=1703386951&format=728x90&url=https%3A%2F%2Fhematologistsxoc.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703386951445&bpp=5&bdt=514&idt=160&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&cookie=ID%3D1a254c9e649bf350%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_Mbc35GkgNZEzLV0buttwB5FxCL-zg&gpic=UID%3D00000a048a46ede6%3AT%3D1703386949%3ART%3D1703386949%3AS%3DALNI_MZrd3UoYS-ZO4U3dU1IUPysDe6hTQ&correlator=310160980786&frm=21&ife=1&pv=2&ga_vid=1681994010.1703386948&ga_sid=1703386952&ga_hid=12896758&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1515&ady=59&biw=1600&bih=1200&isw=970&ish=250&ifk=3580895807&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320885&oid=2&pvsid=1809756970991620&tmod=1646918576&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1028&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.u5adp1fnuyqd&fsb=1&dtd=175
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://hematologistsxoc.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://hematologistsxoc.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://static.addtoany.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.intergient.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://elb.the-ozone-project.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://elb.the-ozone-project.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://static.addtoany.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.intergient.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://elb.the-ozone-project.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://elb.the-ozone-project.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://us-u.openx.net').
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20DF95D64B-0F5A-4194-9DAD-94E25614560D&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=hematologistsxoc.com&e=27&uid=34d9000b-9205-4125-a9cc-fdcb37030b38(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://hematologistsxoc.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a62df8e5e0b2c9e3e33684ec34aacad.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adx2.adform.net
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.edkt.io
api.intentiq.com
api.rlcdn.com
assets.a-mo.net
ats.rlcdn.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
carbon-cdn.ccgateway.net
cdn.edkt.io
cdn.exelator.com
cdn.id5-sync.com
cdn.intergi.com
cdn.intergient.com
cdn.playwire.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
config.aps.amazon-adsystem.com
config.playwire.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.nrich.ai
eb2.3lift.com
elb.the-ozone-project.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fingerprinter-production.herokuapp.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.vntsm.com
hb.vntsm.io
hb.yahoo.net
hbopenbid.pubmatic.com
hematologistsxoc.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
impression-inferences-edge-prod.playwire.com
ipac.ctnsnet.com
jelly.mdhv.io
kinesis.us-east-1.amazonaws.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mb.moatads.com
mp.4dex.io
mug.criteo.com
mydmp.exelator.com
nmcsync.imrworldwide.com
onetag-sys.com
onsite-tag-logs.apps.nielsen.com
ow.pubmatic.com
p.cpx.to
p.rfihub.com
pagead2.googlesyndication.com
pbs-cs.yellowblue.io
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pogo.ccgateway.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-match.dotomi.com
prebid.a-mo.net
privacy-location-edge.ccgateway.net
proc.ad.cpe.dotomi.com
ps.eyeota.net
psudisqus.disqus.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
s0.2mdn.net
script-api.ccgateway.net
script.4dex.io
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.google-analytics.com
ssum.casalemedia.com
static.addtoany.com
static.cloudflareinsights.com
static.criteo.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
syncv4.intentiq.com
t.adx.opera.com
tag-api-2-1.ccgateway.net
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
venatusmedia-d.openx.net
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
z.moatads.com
ad.mrtnsvr.com
ads.servenobid.com
api.rlcdn.com
csi.gstatic.com
jelly.mdhv.io
pagead2.googlesyndication.com
s0.2mdn.net
104.126.112.185
104.126.119.89
104.18.36.155
104.18.43.178
104.244.42.67
104.36.115.111
107.178.254.65
108.138.107.138
108.138.128.46
124.146.153.167
129.80.52.16
13.225.214.107
13.226.34.99
13.35.93.125
131.153.172.93
131.153.242.59
141.95.33.120
142.250.80.98
147.28.129.140
15.235.42.104
151.101.130.49
151.101.3.42
157.245.73.198
157.90.211.246
162.19.138.82
162.248.18.34
172.105.235.90
172.240.127.129
173.231.178.85
18.173.132.67
18.173.219.12
18.210.32.32
18.238.47.29
18.238.49.125
18.238.55.58
185.167.164.39
185.184.8.90
188.166.17.21
195.5.165.20
198.148.27.131
199.232.192.134
199.38.167.130
207.198.113.93
208.115.232.150
213.19.162.80
216.200.232.253
23.1.200.83
23.105.12.173
23.192.50.109
23.20.118.237
23.205.76.21
23.205.78.81
23.21.78.89
23.56.162.249
23.56.163.14
23.56.210.25
23.73.245.216
23.83.76.100
23.83.76.84
23.88.86.2
2600:1f18:4e9:5a05:d869:2cda:ed4:54bd
2600:1f18:ed:550f:d95e:cc8b:3e6d:5498
2600:9000:210b:9000:13:7c50:cec0:93a1
2600:9000:211c:5a00:1e:a43d:b640:93a1
2600:9000:211c:b600:12:4abd:d340:93a1
2600:9000:211c:fa00:14:2602:6e80:93a1
2600:9000:21dd:e400:6:44e3:f8c0:93a1
2600:9000:24f0:bc00:1a:1459:5cc0:93a1
2600:9000:2512:7200:1a:5235:f980:93a1
2600:9000:26fa:3e00:1b:6b7d:2300:93a1
2602:803:c002:200::113
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:445
2606:4700:10::ac43:2483
2606:4700:10::ac43:266a
2606:4700:10::ac43:2794
2606:4700:20::681a:246
2606:4700:20::681a:8a9
2606:4700:4400::ac40:994e
2606:4700::6810:3865
2606:4700::6812:1791
2606:4700::6812:18ad
2606:4700::6813:9e13
2606:ae80:1471:17::1140
2606:ae80:1471:1b::1690
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200a
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a04:4e42:400::649
3.211.60.35
3.213.214.218
3.227.250.254
3.237.175.195
3.33.220.150
34.111.113.62
34.120.111.33
34.200.65.202
34.204.24.130
34.206.181.88
34.225.234.246
34.230.189.193
34.231.251.31
34.243.27.157
34.254.47.73
34.95.69.49
35.170.109.62
35.186.193.173
35.194.66.159
35.211.178.172
35.214.242.163
35.227.252.103
35.244.154.8
35.244.159.8
35.244.193.51
35.71.139.29
37.157.5.84
38.68.201.140
38.91.45.7
40.76.134.238
44.206.144.68
44.214.131.156
5.161.181.189
50.19.110.14
51.222.239.230
51.255.68.171
52.0.156.250
52.1.240.135
52.200.139.132
52.202.93.78
52.207.45.55
52.3.160.15
52.4.146.202
52.45.50.84
52.46.143.56
52.54.58.184
52.55.204.172
52.85.61.12
52.86.3.95
52.91.215.149
54.157.67.219
54.165.58.209
54.235.170.236
54.81.68.127
63.251.28.134
63.251.86.49
63.35.139.80
67.202.105.23
67.220.228.202
68.67.160.114
69.173.151.100
69.194.240.13
69.90.254.78
74.119.119.139
74.119.119.150
8.28.7.105
8.28.7.81
8.28.7.82
8.28.7.83
8.43.72.97
80.77.87.162
82.145.213.8
00d178ec82cd2224a3cffabcd14c98a6ad0b630ea69570d133fa862bc991eac6
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04ced9017f0f5a24b2059c92b277a25cebd8319caa3f3390f300af7d6b371de6
04da066bd84e8958d82cd664633b30f17470b9c087c7557f220ebd55a26b8fae
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a93df0a6058a1a9be10ee21e486500b337da813855c2ef40dba89808b76d6b
063a952901506e6cbcc2abdd1995ea387e4ae9138993f5517834a75faee165d0
069a8cf7ef62a0cfe53356d85a2e4c637590043d8ea5af661cb23cc51a55be68
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
093f21006a9e838ba72cbdb602ae00b7b705b261af4cca2bf51bbf2b2ad6b146
096032ee859f5e6a55404f402a3ab0bbccf727246b2e41290e6eb6ebccfab672
0a0d7a645e0bc972905e0edd908c126fc144a7bb800a18633225b72d95160e4f
0a2624ab101e2b13bc7aaac9d1ec38dddddb90e3387a3ef15355cd36181e80b8
0a811e6f9e1db11519b738874e1dc1326686bd17058a5d78479c5dce61f478d8
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b945764f409a5cfd72296efcc62d2eb4af033d2a67c1842a16eed73a42f9a69
0bd0d458b6232554bbf560c1faf1215de00eff3b07d32af68b40ec202464f914
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c64b4231b22e466a3938f937fa9ba0a0a747adafcea4f07a0814a81a4e5b1d8
0d427dd92c2955e9855d8216bbcd5e73e93e2829e072a7f4cc0d181736e40974
0d4fa518c70ea18943468b4f5093e6df5cbcc2307cd4efb0dcae6dded5963ec8
0d907657f7138e28542d27bd08c28d794d4d82fbbf13f34ab3ccaea61f84fe4f
0e88658b8f36bddc0a8b1f24a0016ca32bb15c1cd5bd6932057e2018baa52ebe
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc8e6c87cf18e0d73be8e864712f27d562cd7043e74d6e93bbfb480c691d533
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
133406ba48f5c008aab6f263151a8cd6cba1cdccbbc0ba20bd277fb9d180597a
139e214fa63379abfdbc03602bd7c99d3be1d6479a683a819cee1707944f9587
13ff8f0ff51349909ba3d8ed5065220fe403eca19708444d09de3617536920f8
152e18945ad4d2f0bbfe50c9a826606ae00d620643662a2ebdb47837276bbedd
157515f54951254d757376e5447d5ca9ef4f71f861689656d4fe2bb7ef441e40
164e1b351e3edc3d8c9027e739ea318e5081e2412a71c5319c00ffe848d1a465
166d086c02174369f57d0746efc7fd73ae99309b0d6bf93e0c8be8e5efc188ae
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c05864f8cbb41e87c87b3e065e1415a99a12bbc6df46329876a0471273495e
192129b64e6d4a6577e7e75a4d016cca850575978bc74b13f7654640c81ddbee
1921f67a7480eb686ec7bdf4edc8565bba06952de077aa024c4608ce09ce203d
1acd4e1a4cc300fed8d41672bc2a36a285a34568bb6c1091bf6e2eef0e699514
1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3
1ca0c1365f17447e34b7d0baf8684ac2b3fab17ba4cb728aab5f7ca66970ad37
1e3e10ba8bb2039d986d1d9c340a62d791c473994cbad4d87ee36bdba39c5ca4
1e44bb0945f31eba7a6d9b3bfceddf8601f0f590278bf4fbb5c6b5968648c4b5
1e74f4f45676a969d84394cfbe89c4190810f699dd67c8395c6e5df49a052d4f
1e8a0c997df4bf02b46955537093e3151316fb3a5bfa88fdc26e04005b9079b5
1fc365ef99adcfed6bdf7b13e94ce9caea521dc5057f2570b2c4db6499ac8548
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
200bce5c50e1b652b5a7ac12df35adebb03500109277ce16c7c1c2e5dd5dbad8
21849f75dce1c267ca1106443d5aac619e2128aac89eaaf47f81e18ca07f71d0
235441426daec2904eb81a867cd9ed52dcc5ed728f8f4933fc67499e0bc3da83
24b1e9c85f895f6b64e29d323e862d6a471663669b3789a7f8ea4d2bffd10203
2585a5956c53405fab851d3d9d3ab6040ebdce6d06fc28d9bdda06d721506267
25ea9a9c30d137cd492002b4bdc7d5814b347f22310ce87790af80cce2dbf0a9
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27b32fda4be862baafd06dc963c15107a2a22d756a849972f8656e226e31d255
29c990d697d0426e92a58ba8e6e9f0a05238ce82ffb1d35bf59377e476e0f59a
29fdc047e398171945256416771e822cc537e2d126a80eb87222b02ebea35055
2a9376a6abc6df47008a26894a201098d1c20d3b01cd0eab8a2160ee2efe666f
2c6c13edd0dfc6cdf09ce79b8f1c85a13eb04a01f73b7f1a57e123518186dd7b
2c6cacf2809a866ed89a752f5491024b15e5b5543bc36ecabce2ad2c04f78ea7
2d51a0d59102580d344430382426c071607c31f319b4753d4c0730761cd28c8e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e554726cf1b447ed389f6823a77e95c17c286b5519fa891821f068a15f2dab4
2e5f9d1e4098f2aa81e777d1a16879c32ee944a039fb1f09c8b4bac6327ce5bb
2ec766ac6273cc95e1764ae0ae6889f310849d1d31f159526dcdd7a6cad9c4db
2f0a70d9cb2e3f2780156d39a9c64fc7895e20e5bb7c9f91dc0fd1a49c1773fc
2f487700bb09461f6532287109774bb28f53f8c42eb0115a9ca686c657f4b997
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5c94be77dc56e5d73d4e9dc492c871cc904680aeb2887c10e1d69444ccd97b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
349eec9055aad9a944335a9f25678aff9e0e76ae941e0ef3538b6930d8cb13a8
3608a96494e626165a7fa990c57cba272267d5a972328b87550fcdec465c602e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36cc4465bcbc56aceb2626aff04eb172e2d04afb1db254a6c1415fb8b3fee09e
37d54ce9d8fdcf4ed78ed03153d57e8e80d5b5841c1b76c74f8a6a3534e140ad
38e1971b954a0a070e84771d8b4dcaf47bbee838b3e75cd0c71ab87c3f16c8d5
395149d128d5d361aaf2cd3df1cfd23dee746145bdef0105d99aba97fbcf712f
3b1f82babc0c606e3d91e6112dc502b58f69ceb553b1a6d567788d27c9720ac1
3b79dedf1433d1519001844b35c8a2b5a52dc452f144dbc33008b2aa11a5be57
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e5246255c91683b8bf94e40d2131bc9a920de20b8297806bcb3a86d9ac8f8f3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4f9f99f390d55a9f45b6253d359a253c19b89b72ddccee1e1e73133cc5db92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ad38b6d19c818c4a403f3d7285fbafcec73c22e3064082e88feb78b4f15d33
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4419248bade3a81f5bd3ac9518c012b9d66a6a72ac3e9b3b32150b029afa7b36
45673ee28d0594c05670f5bca70994e8bcbeb71e36d268c3e26001986dad84ce
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
465c01d1b74eb5590b78d23db57ed99ffdfa47851b4fffd3b8d42bb8119270e9
4686ff80d831d395db83f226f31635c11552abe4dfaafbc3cfc6aafa894e4917
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c99639a315e170f68f3debe5558a17ec639f3921c12fb1623b5e6aba5e6647
46d150a2f5a244e0ae65f42f6d7d9f60c8ba403524b0f398fcae2984e0c606d8
473e0fa466bd2e7cb05557e7b4e2c587de843759b21183af59fcbef533c0ce62
480f5e86198e1ac52312cc345faf38720bb2e301eb626e8a6f637f546e131c32
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aa07cf20cf99b42eee9c152ba983a4c205b58f5a9dfb7454b68e666008c66db
4afbf2acf0f7c04bd35576ff5318205980107f927ee3c4ad7725784a98f7f3d4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3215011bc54f21cd9d6b8c96759c5b177efdd5d111c1d395099700d7106860
4c539feb89b124bb756d1bda6c27dc28abb04130d766b5645b1ca3234f4d327f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51bd07464cde0b30954b998443bb68af086dd66462f59560c82bb95026ef1158
527fb7cab7e18398c2019ef8dddf417c9b9a481d3074260f1bf69c2b51fc3e92
52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91
54a41a067d6b8c3c9d9161cbcd63ef437b70029f56e12ad443d247c199d3054b
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d28b3e5a6dac1af7769096cc8b42b6776a0eef7660dbf2e7c0cba16777385e
5683732113378107c02329419da2176b5b3e681d2be4b1c5a269e9dbe71fa1d2
58111e9341b58618f475848342ae62c313b3d729952a373778d940fdc97f9c0e
58688e3b6c0e8285a9e9a2252bc1ea25a49a3510fbf198519caa315f61d5187d
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5d1738caefd1a5ef3690792319b4ca5bf81ec164763e0f9c79e1c502b114f694
5d6ba9f0ef4650d36ec24679ff25d4e8b5a198b726e35a544192305eb9b6f6ee
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f04cab34a429ef6786fbe0407e3ff66f65609b94f3905e62cdd489a161fde7f
5f825b6412127a791a0c94fc9c1607def12326ed8422ab48b95c5ced4d11aae5
60edb1e5ad3cc3b414eb68e5a433dec852b1a830489b182c484e4ce2a36261d3
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61791124e32c348e2d914fdc3d400225de1f0f9d2a741bb53ec7c065468dcfe8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62559016ebda1c53dba450764062fa6a5e716dd217d121a90821cc473fb97243
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
678884f5dc34dd9d9f69c78fd08d6e95ba39a309195b4687e5c5971f2d55899f
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e
67b7b5e6d2386205e2170cd9f9c76022d7b20f695a3a0b1d846da89be48ea5ca
6802e8a7ef65daf42c9cbaedb523345b796d33754e13f336d5e8e26ef75069e8
69fe9c663db3dda68f05c8ce3e599bf60677bf990ee8e6714368bece02d730c7
6a653a32bd85f519b5e2c23df805f1e75ffc3e38b25258ab2c0e6c368f515bfb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b74aa17ffc4cd7da2000803adb835e527c4cfbac35bcad232066a9c5e20b036
6bde823fd23d9b0171f67c1516cb37ea54b162cafaf0bc31414c360f8cd51f18
6c51d463706b61b30554907747d95ff62188a36783b1a3bf949c7fbc193e79e2
6cb98a16c3230bd052fc1b12868bd89e1ef68d13691087ef7a893b339c440c4a
6ce4dbb258635f3a68ec50b8cbd187c0990e2e4fcf2aef91db9cfde32bbbaf57
6f2ce7fd73bbf192e194c18a1733e5dabfcca1cf0e0ee57e2aac80509ff80589
6fe763c8e384a73103bc6be8939fdff3a8bf7209ec6fa78986f0882549631632
71d3782ab2efa9cedb7454694f592e42df01e1ef8734a5c624847fdc191719f5
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
73399003c6b107f80480ce214391e054479d171061134e7e36d44ce27d66c463
742ce3de3eec5b30fb01ae3626593218238efe5e9eee64248def9d71f1824c6f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751a33be0206481f3170813268d08e7f505ef29911cbf068c8f2f3c0374df256
75691728a1c9acf8b840fd1fd028809b9d08cd068c43f75221dd6651e2e39090
76215c3c3fe0770878a151c93ef20252a413b6b69d29573c992708bdc31549cb
76a9dac2cd4f474abcbc8cf5b09851add3cc839545bf015e718ebb3a7e74266a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
795ebc9cf0b003e22e91d51254f919a29adedd40cc49973ef4090bbd1ca4b8dc
7a03867618fb91e9f788e31fcf7fbd784ac1a9f1a6ae562a0836ddd40e6228ee
7a9f4ccfb8268a24be863b763efe2b8a7cd275ea6db951aa64881277533832c7
7ae7050527c8098114ecfea1054745909fc497277838b3a743823607b72dbb9b
7c5caf11ff3d9dc047ce7560887eed9dbf7c2185d15d84f9b95bf7a8c9ddeeb6
7edfa82045b6497418c19e6552465bf3fb24408d287f5d09a9408ac996ab04ea
7f4b36034f6579da123046b67d4d27d0037ae9bf220aa9a1c68a853ffc62d624
801bb99d513023d8ba15da886ae92f9dafa9337a376252e6844adbfb1f0ad349
804eba2d87e0f54467ba39b62d79252b853e91fd430ca8f142834784bf8a8154
80adb26bc20bcac160ed3e58f52f6318e363040decadf29b3ac5df1ce8bf8010
80c3e9eed58b949267fc61be1c0a5aba119cd91158c4f91bd0c9a7845321e736
82544ae162bda479021090084c79eee97c9b91277fbcb9d42beb85b0348479ea
82e906c703e2ab0f8d933cfed5d207940502d14d1b88b1a268ceddb3f6df5c03
845a3eda0fe11d3d7059b604603d7be7c8932d4495da9287a79f52520f61fab5
84dfaddbf8131076cd650990f063bb5c915dd5f32bbc92b36d3acc99c0333fdf
863a2908ba3a521f1a8ddbf98941b6ccec7e7d630e6fe32ec4d5610f36f068c2
86521cf39eb21a3fbb45a89ecb3d1457a06d2bb7c1a952c320ff6d30b1040a3b
8717e05e0ba09338a30278e8f68211f64eef901a26d12ffbf3c113b3d18ae0d5
871e5df4bd808c109becaa5507692c3b0ad83bb82b67ecf7fec088cc147c8b23
8887de327c1e56dc51ac18f0fe9e38aaafb2723f81c7936bed988d5c1c8665f0
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a1cf4718ff9f5e581deb93f417fd9e5a1ca136b0c5ea2f5e750509030085fad
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
8f010a2aa97a7826905dae4ebfb88adbd1c1792f164bb42b5867d8601f9156dc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
8f969e7700dad628cf43d38db108feba5b89995345bd478e6e4c2a8e3e6363d8
900c75a72f78f7e52dffe729e6a810a592de1ba5be985a39582de2417da20e7f
902b9468500abc448d2b33bf4aa7c87baaa7f6bdee47d35d3cb026a9965cf2eb
91a68487c7e27c5b087c45dba6ebac09a35d19c919ea99d56d91d2222c0f6f28
9309517723e71014b801033ca1a77479fc3517aca1e2aaf729490b81b556ed9a
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2
96732415a8b4bad9e057e060d72452df0f0c31a97fe2c66521447660ad2daef7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9906607ad275b2d8e8d5d041890f95d003684821700bbcce9cace7ac6d9bc3c1
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9af3a19a632d38ce4e1d9ad3e3db69f85a92161d798a2f200492c22e3d6e1f75
9b2950f5c9ea56705c30d4597cdbe0bab9d36428dd5827cbf42bcd25dfdb8aa6
9c35177c068c145f522b6efebff3ea9bfe10ecf4a9f6bd18a7debfd4bef91cdb
9d6a462baa17c99763c1187b483d8a6357b3d8df4df370048f526c27c7cd0e64
9d6d98d33ec496cbd4b60713a2647fb1d6902c63601ba789b38e10284b6b1d74
9d7b696c5bf435061ff7d6511cbba282c19fb74f18fd594630a6cf0db3b68080
9e9de8b805470300611d61c364a8f35e2bbca2068ee2e210f93f7ea7ad83bfcc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11756d12f15ee66f5bba8b0e3eda45c0b75128d3686ed63183fe4b747ac1cc6
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423
a1b75468e11a9979078d7799f8776ddc818fd9143a16485a29daf500ef2f44c7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1dfe81ce318584fcd27802f24eba4ced954064a815fd918c742087cbdd667a4
a2a8f88640dd1dce9cb9c5e3b62047f63639115b21c07d9ad4d6c3251cbd0068
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a3c424db76a2a07575c0bb0360f02eec621db1707f368e4744b0fa54c8c24290
a5097b61069f5fb0c72f5c358ddcedde99d1aa1166c89f461357a7c349e25cf7
a56d3b59c47f2456396d102e65e114f1b55310b7a88d7c8714078d5529ec2c68
a83b69c4d61363d1a637b939e0f5b9ce4a6146959ae3a4bdf39f535f4c936128
a841d030d439d620dbcab2aa60c5c4e9f4ede705ad2851d0e04640718aaa2a69
a84968788428f98d340f10ada89ecab924a68eea26aaafc0c424edc981a7697e
a897aa772be6fd024baa995acead8df3e5de4cba9e4aef00307c1a60edaeac94
a94558535ca72995a47883885d6fdfdee113dcbb8e937e88196f25cb181c72b2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa79ae929111a2fad6a54befa4e9158d8be3df0ff5d998cb4dde42d4b26d4da8
aaa3c84c6f205c067be1974436d8525c4336896d3c6ad38f78ce80f1a33042ad
ab498b0fd03bb8d8d965de3ea0b0b891cc6ed8014a6c1559088a8978fbe87b4e
abc881cd1633cb8782ad1100a7dcced9cf129f28df9a3e04d1f073f113a7d1fe
abe6195081819b19e4f5b508eacaa8cb2ef7105b6c53092178d97be5b510eed2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad11e0c0e278544cf9831ad673cf64518b4c5a72b2e3ad4e98bf8ee92b09e0d9
ae0ff766b8551377598aad2576650716630488cca5582b73442d0616e6cc3cc8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b162724bde31d6315b7f4ce1e98eca03d12b7ac222626130f863df4c930cd250
b162f6c68f346ecf5a7b1316b910b704205b456b4df07f78a5bec72a8a038b5b
b1bcb6b8216705e7126d9637f51be025195a37b4119355328d86e1ff0b35519c
b24b986f8a5332274f4088dfcc3b5c309f78a0e104d908ca425e7bba73fecc38
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b3c63cc618de0f54dfc0a0af374aba9dc4e4e4d67d43a02162ea4e5fab90a3c3
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
b67bfadb26cf6f201e98db8836ce1faa76668a04284b65e03e72eefcf8c50c91
b68ebbcf2878ae7c6646c7b9585a199ab5f78605868382e65e0cbd97b5dd2f6d
b7bc0028dbeb31889f31090300f1ad29f50071d24eadaf7518bf1a2ccc54c0c2
b7feb2ccb750c6afdae8a8baea473cd146c12aa3d943276680cde314005d2cd5
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b8c69eade84d852ca05c160dd196bf2f8ce92082e81eb4182f6ee76fbcd12cae
b962adab27cd2047136e9554e9ff792035da6abb79c4dffadbc90beb8751cd79
ba73cb6dde74a5644f44cbc6f3ce86b06390ae061c058c01a27fdc6aa436f8af
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6be47e0aa1e85333d196449e2eef7dc536b8718363e3aa3872a8477a3ebb35
bbec0abb011cb079a1888271855ba672f6a546f14d4ce795f81ce110beb9704a
bd4fe2dc43b282c793d8d6416a3a2ae77d993b24863eb7cea3ed1ad15b46735c
be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349
c0056b9e206cc0e68ceb7560a8b32f0edbbb01df097125b75f85866be361be3b
c03fc7c2991c6ff541ec79af79825f54c15ab7bbea66f5a0c6635300de5e2ffd
c1a08a2cc980f7487e08ee5de63d1f9534f4304da803d795a14f034a0522af48
c1a86d7c11a5c83b82c7e6f814aff6286a9fe3483b8e0e2c16089370bad4676d
c21323436e4296de2e6bd11c50151a5ce9ecf227b70e51b1eacdf29b0910cae3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c7fe48398efc2d8c72928bd74ff0a9d9dcb05d4d0a4b4fe439cda65c4e609b
c33e4d05fd3b17ac31f7de6443baa04c86645acad3c3205cb76dc88d4adb8da9
c37817d11dd4ef72466eaf2ed36f98f0c2edc8eb97d7b0a843d350e2b7281021
c3a9370e1f499de402991f4ab8a0154e48c135a127827b780d3a21e3f41241a9
c3f45399393645e9e776071bd6efc09c05831a6648aa83c365d51c834b3e31eb
c4348dfa21425e191c95d6fed4102c2ccd4966e7f8729df5a3235f21c5486951
c60b0583559b6e949440d4b8fdfd15f756b6ca7adb1e3f0b426307bfa4384ab1
c64439087e84a219ed78b73ce094f38bc91d28f10f94af0608ed7c7ae60eab41
c71f83b7106a5c625bedf1fb10174c308fcdb9424619a566212cf7f4271bf993
c78670d74dd4276ebea41acf32ea50bef3e18c35c9f0f85afc929baa14d5e690
c894b361bd611c760e0fd7fc99923e77145a91b345d294d0c2b764e8bb29b02a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c992927da546dc1e9870a5b94acc95bff95f724cb0a66a79d138db94ce5c236f
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbd8b71765c8b3a70e9fcbb62767a74142955d751dc63b9420e953e237245a98
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02702b2bb851c27f83ea7e0e1c42d09b932de881a93fa72bb4f18362c13af42
d0e53b6325da9fb22a6fd3e8c9e26e489f5a3946ae21a85e98a60bc408ad80a5
d1c9bc09688595392a08974bdce6a8c8a693fd8b8a21d1978e7ec8e853b09ddd
d2fdbc41a0960dc49b537060118e80e4c802a95544e5e939aa496bf2c9440a60
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3c460d58168d4a6be497aa958239fcf9a1e27dc1a08b79f50f909399158148b
d3fea3084320dc8251d6fe5f351e961f749b69d5e3492f189391811e7fdf4159
d4fff359736f60b70833f614d85cc605aa9ca6e2794572179f41078e34fe5260
d614edeac6f54e693b67dbace5e6c59e582a74982c882cbbd0693b760d5bb37a
d6ecb897e5ac951bbbcbb6223fb5bd0953d52ffe167086edb10033fc9822ddb8
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d8ceffe128c59833e7b25427d61f97415c24d085e152f6b33b3884d09badced6
d8ea000d44aee5be5ae2e512242b63591f1542c4025f9da0e9783ad302b95620
da07e9a9eb3a5cc11ce9390e2e16ad61add709f4ec7bb2d99935f88d9cf8d2eb
dcf2f500ddb6fd060f99ca8702adfd0062aa7e3b27bd40a327da801e752b3002
dd41af8e2f7ca7f8bde5d1bc251657a75088befd032e99048e8ab78bca97383e
ddce7e25f2a9edf200e6fed5e587dc34d5fb77af40bbf72c1b3977f0f99b6fe4
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df26c73a558a211b59df8b4958d1b94024319844ab6ccd589d7b005e76c4e301
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
df8381fff17ce48df50797cbd81fae3e66d0333a2d0ff1a4a68d47cf0d5bdd3a
e009e2d2af449caf723ed6395aa52c4054759d7e4d35e10b5a4ca9f74699c3f5
e207e20d302e5e5d3bdb5c9b87f17d4649978290c1186daa4bd78417607710a8
e2b9d6e3e5160f25b3df947565b4c32b3386d9791d4ea8b6abf07748e66fad6b
e3041011590f4551637b4ffcb57039a03dbcf1f4bf5867422da99128562cacbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b7159b991308f2fd94f48ad5974b3706a59621c213dee55f87512f8ea48075
e5df21b86b118b2060395db0adae3498fa5bc03a9b1099d5523be386c05f8ebe
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
eba8f0299ba7901370cbc32973297a0e8f7009283ae12799f8a203d43a66f76a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee646a16b300650f87e8e31e484dd268861c8b2b3dc0bbd72b43fbe5f520f09d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30efee01525dfbd0eb7b9abbd13b0b39fbb343066831891df6d29728ced3b21
f5b945f7c5e7974cecbce00308034a7fb43515ddbb572fe923e6c8e74e726695
f5c26ab9c2405c9049dceaeb76d5551bc7c3907070cecc34112e22acb236f0c4
f8109d8c2cae96ff237d1be560dd8a8a35db04ff0ead82ae170efbe8d0678c2e
f852e10f255d20e47990e1ecc9e3135a8dca4f1151931188b06a008150c5eefa
f863c1b8d49efa3b6dcbbb14b32300b5d130ce0b0d4bf4c76ec6bfdffffe8e52
f8a389b5b17d684ffceb433518602681283a96f4bec24fca5111e60f664b8766
f9b58c2c20911d76509b29980640957c341a1c0494fbd993415d7ecce035bdac
fab6ecd1b1667e2496df1940313f4a3b897eea71a2d99d747d4d5e0989def6d3
fb2dc62dd4b0853651818d86735fee3d4c7013696669679052e5d1d46ef87f96
fb5a0b8fcbf1decb1e853e023fe85e46412ff5b0ee8651e9fca53e647ad4db9c
fbfbd2165b06d7d429ff83fec50c4358ba82526013092377e6cec2d89696cf62
fd6046fc1f4a0429f959a468afc2ab3ff4e3578721543ca80ac243acc2320d83
ff5213f3dc3bcf8ff080cd7e7fb64e77d3667f037add7576806d660da752827a
ff535025543261ff945ed6ef924a7fa83ab5d8c45d5ecda5443f0e41ba376651
ff6745039b57997690ae4c88a43a1d0650a1cff8e9214f152245b587fdf7f689