urlscan.io logo urlscan.io
SecurityTrails logo

cubdomain.com Open in urlscan Pro
2606:4700:20::681a:5b5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cubdomain.com/
Effective URL: https://cubdomain.com/
Submission: On February 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 6 countries across 66 domains to perform 278 HTTP transactions. The main IP is 2606:4700:20::681a:5b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is cubdomain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2022. Valid for: a year.
This is the only time cubdomain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a04:4e42::485 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
42 2607:f8b0:400... 15169 (GOOGLE)
3 48 172.66.41.9 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 67.202.105.32 32748 (STEADFAST)
1 3 104.18.25.185 13335 (CLOUDFLAR...)
1 3 51.222.39.185 16276 (OVH)
7 7 8.28.7.82 62713 (AS-PUBMATIC)
10 19 142.251.35.162 15169 (GOOGLE)
3 3 8.28.7.83 62713 (AS-PUBMATIC)
3 3 8.28.7.84 62713 (AS-PUBMATIC)
6 8 34.111.113.62 396982 (GOOGLE-CL...)
1 1 68.67.160.114 29990 (ASN-APPNEX)
3 4 68.67.181.211 29990 (ASN-APPNEX)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
9 15 3.218.90.66 14618 (AMAZON-AES)
7 7 52.223.40.198 16509 (AMAZON-02)
7 7 199.127.204.171 26120 (RHYTHMONE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
4 4 64.202.112.127 23352 (SERVERCEN...)
2 2 23.205.6.178 16625 (AKAMAI-AS)
4 4 13.248.245.213 16509 (AMAZON-02)
1 1 69.166.1.10 27630 (AS-XFERNET)
2 2 34.199.247.221 14618 (AMAZON-AES)
2 2 209.191.163.208 14744 (INTERNAP-...)
1 8 23.198.216.24 16625 (AKAMAI-AS)
2 2 2620:116:800b... 14618 (AMAZON-AES)
1 1 199.38.167.130 54312 (ROCKETFUEL)
1 1 34.193.58.159 14618 (AMAZON-AES)
7 7 67.202.105.22 32748 (STEADFAST)
1 2 2600:9000:251... 16509 (AMAZON-02)
7 2607:f8b0:400... 15169 (GOOGLE)
2 13.226.39.8 16509 (AMAZON-02)
1 104.18.35.34 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 18.164.96.113 16509 (AMAZON-02)
2 4 52.46.130.91 16509 (AMAZON-02)
1 6 192.40.39.223 27381 (CASALE-MEDIA)
3 3 185.167.164.39 198622 (ADFORM)
1 1 54.88.103.18 14618 (AMAZON-AES)
1 104.18.24.185 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
27 2607:f8b0:400... 15169 (GOOGLE)
1 3 104.127.172.242 16625 (AKAMAI-AS)
3 3 35.211.178.172 19527 (GOOGLE-2)
6 34.117.239.71 396982 (GOOGLE-CL...)
2 2 216.200.232.249 30419 (MEDIAMATH...)
2 2 2606:ae80:147... 25751 (VALUECLICK)
1 2 2600:1901:0:8... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 20.114.189.70 8075 (MICROSOFT...)
2 6 2607:f8b0:400... 15169 (GOOGLE)
5 9 69.173.151.100 26667 (RUBICONPR...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 52.9.91.27 16509 (AMAZON-02)
1 2001:4998:124... 26101 (YAHOO-BF1)
5 2001:4998:1c:... 14779 (YAHOO)
1 67.220.228.202 16509 (AMAZON-02)
1 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a04:4e42::729 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.40.134 15169 (GOOGLE)
3 3 34.150.170.96 396982 (GOOGLE-CL...)
2 2 151.101.130.49 54113 (FASTLY)
1 2 44.193.124.55 14618 (AMAZON-AES)
1 1 2620:100:a001... 19750 (AS-CRITEO)
1 74.119.119.150 19750 (AS-CRITEO)
1 18.235.247.121 14618 (AMAZON-AES)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 5 104.77.220.25 16625 (AKAMAI-AS)
11 104.77.221.103 16625 (AKAMAI-AS)
1 23.44.133.30 20940 (AKAMAI-ASN1)
2 142.250.176.194 15169 (GOOGLE)
1 1 35.214.223.115 15169 (GOOGLE)
1 1 185.196.197.130 39572 (ADVANCEDH...)
1 1 54.208.243.98 14618 (AMAZON-AES)
1 2 23.200.197.46 16625 (AKAMAI-AS)
3 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:401... ()
278 58
7    2606:4700:20::681a:5b5 (United States)

ASN13335 (CLOUDFLARENET, US)
cubdomain.com
www.cubdomain.com
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
42    2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
48    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3019.infolinks.com
2    2607:f8b0:4006:81e::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
3    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
7    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
19    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
cm.g.doubleclick.net
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
8    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
4    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
15    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
service.idsync.analytics.yahoo.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    23.205.6.178 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-6-178.deploy.static.akamaitechnologies.com
stags.bluekai.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    34.199.247.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-247-221.compute-1.amazonaws.com
ad.360yield.com
2    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
8    23.198.216.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-24.deploy.static.akamaitechnologies.com
cs.media.net
warp.media.net
hblg.media.net
lg3.media.net
2    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    34.193.58.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-58-159.compute-1.amazonaws.com
ssp.disqus.com
7    67.202.105.22 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    2600:9000:2510:b000:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
7    2607:f8b0:4006:81c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.com
2    13.226.39.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-8.ewr53.r.cloudfront.net
api.intentiq.com
1    104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2607:f8b0:4006:808::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:4e:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    18.164.96.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-113.jfk50.r.cloudfront.net
sync1.intentiq.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    54.88.103.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-103-18.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
5    2607:f8b0:4006:80e::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
27    2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
2    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:ae80:1471:1a::1370 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
6    2607:f8b0:4006:80a::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
9    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.9.91.27 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-91-27.us-west-1.compute.amazonaws.com
prod-m-node-1213.ssp.yahoo.com
1    2001:4998:124:1407::d000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
pn.ybp.yahoo.com
5    2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)
s.yimg.com
cdn.js7k.com
beap-bc.yahoo.com
1    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    2600:1f18:4e9:5a01:b6b9:22a8:c0af:3d60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
3    2607:f8b0:4006:817::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2607:f8b0:4006:821::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4006:80d::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.251.40.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net
ad.doubleclick.net
3    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    44.193.124.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-124-55.compute-1.amazonaws.com
pm.w55c.net
1    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    18.235.247.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-247-121.compute-1.amazonaws.com
onevideosync.uplynk.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
5    104.77.220.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-25.deploy.static.akamaitechnologies.com
contextual.media.net
11    104.77.221.103 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-221-103.deploy.static.akamaitechnologies.com
www.ebay.com
i.ebayimg.com
1    23.44.133.30 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-133-30.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
2    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads4.g.doubleclick.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    185.196.197.130 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    54.208.243.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-243-98.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com
sync.teads.tv
3    2a04:4e42:400::718 (United States)

ASN54113 (FASTLY, US)
ir.ebaystatic.com
2    2a00:1450:4010:c05::78 (None, )

ASN- ()
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
55 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
743 KB
48 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6712
router.infolinks.com — Cisco Umbrella Rank: 2621
rt3019.infolinks.com — Cisco Umbrella Rank: 69885
560 KB
37 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
ad.doubleclick.net — Cisco Umbrella Rank: 171
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
159 KB
20 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
prod-m-node-1213.ssp.yahoo.com — Cisco Umbrella Rank: 6012
pn.ybp.yahoo.com — Cisco Umbrella Rank: 1034
service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 919
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
beap-bc.yahoo.com — Cisco Umbrella Rank: 780
13 KB
16 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 877
cdn-ima.33across.com — Cisco Umbrella Rank: 8535
events-ssc.33across.com — Cisco Umbrella Rank: 2023
lexicon.33across.com — Cisco Umbrella Rank: 1506
12 KB
13 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 844
eus.rubiconproject.com — Cisco Umbrella Rank: 533
token.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1064
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
17 KB
13 media.net
cs.media.net — Cisco Umbrella Rank: 1359
contextual.media.net — Cisco Umbrella Rank: 563
warp.media.net — Cisco Umbrella Rank: 2437
hblg.media.net — Cisco Umbrella Rank: 1799
lg3.media.net — Cisco Umbrella Rank: 4898
159 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 623
image2.pubmatic.com — Cisco Umbrella Rank: 846
image4.pubmatic.com — Cisco Umbrella Rank: 938
5 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
3 KB
10 ebayimg.com
i.ebayimg.com — Cisco Umbrella Rank: 4325
135 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
dsum.casalemedia.com — Cisco Umbrella Rank: 1267
7 KB
8 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 442
fonts.googleapis.com — Cisco Umbrella Rank: 36
704 KB
8 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 424
2 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
58 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
272 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
4 KB
7 cubdomain.com
cubdomain.com
www.cubdomain.com
69 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1033
t.clarity.ms
20 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 267
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
4 KB
5 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1205
api.intentiq.com — Cisco Umbrella Rank: 1650
sync1.intentiq.com — Cisco Umbrella Rank: 3496
5 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 510
3 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 377
ib.adnxs.com — Cisco Umbrella Rank: 203
6 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 532
2 KB
3 ebaystatic.com
ir.ebaystatic.com — Cisco Umbrella Rank: 7083
80 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
2 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
127 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
2 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
1 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
164 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1218
610 B
2 criteo.com
ssp-sync.criteo.com — Cisco Umbrella Rank: 934
dis.criteo.com — Cisco Umbrella Rank: 686
716 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 726
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 591
685 B
2 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 891
31 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
33 KB
2 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 3164
616 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 654
915 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 589
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1457
589 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 663
648 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 494
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957
1 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 621
630 B
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1556
hde.tynt.com — Cisco Umbrella Rank: 4763
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
136 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339
203 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 644
696 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10276
283 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 879
256 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1833
1 ebay.com
www.ebay.com — Cisco Umbrella Rank: 5455
9 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 237
606 B
1 uplynk.com
onevideosync.uplynk.com — Cisco Umbrella Rank: 2773
195 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 4596
7 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
514 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1295
565 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
601 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1489
273 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 770
736 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 819
750 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 927
6 KB
278 66
Domain Requested by
28 pagead2.googlesyndication.com cubdomain.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
blank
googleads.g.doubleclick.net
ad.doubleclick.net
www.googletagservices.com
imasdk.googleapis.com
27 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
imasdk.googleapis.com
24 router.infolinks.com 3 redirects resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
19 cm.g.doubleclick.net 10 redirects eus.rubiconproject.com
blank
googleads.g.doubleclick.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
cubdomain.com
imasdk.googleapis.com
13 resources.infolinks.com cubdomain.com
router.infolinks.com
resources.infolinks.com
12 ups.analytics.yahoo.com 7 redirects blank
contextual.media.net
11 rt3019.infolinks.com resources.infolinks.com
10 i.ebayimg.com www.ebay.com
8 pixel.tapad.com 6 redirects router.infolinks.com
7 www.googletagservices.com googleads.g.doubleclick.net
pn.ybp.yahoo.com
www.googletagservices.com
ad.doubleclick.net
7 ssc-cms.33across.com 7 redirects
7 match.adsrvr.org 7 redirects
7 image8.pubmatic.com 7 redirects
6 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
6 cubdomain.com 1 redirects cubdomain.com
static.cloudflareinsights.com
5 contextual.media.net 1 redirects googleads.g.doubleclick.net
contextual.media.net
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 imasdk.googleapis.com resources.infolinks.com
imasdk.googleapis.com
tpc.googlesyndication.com
5 sync.1rx.io 5 redirects
4 www.gstatic.com googleads.g.doubleclick.net
4 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
4 pr-bh.ybp.yahoo.com 1 redirects blank
4 t.clarity.ms www.clarity.ms
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
4 eb2.3lift.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 ib.adnxs.com 3 redirects blank
3 ir.ebaystatic.com www.ebay.com
ir.ebaystatic.com
3 um.simpli.fi 3 redirects
3 fonts.googleapis.com googleads.g.doubleclick.net
3 s0.2mdn.net imasdk.googleapis.com
ad.doubleclick.net
3 x.bidswitch.net 3 redirects
3 c1.adform.net 3 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cs.media.net 1 redirects contextual.media.net
3 ad.turn.com 3 redirects
3 image4.pubmatic.com 3 redirects
3 image2.pubmatic.com 3 redirects
3 onetag-sys.com 1 redirects router.infolinks.com
googleads.g.doubleclick.net
3 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 cdnjs.cloudflare.com cubdomain.com
cdnjs.cloudflare.com
2 csi.gstatic.com imasdk.googleapis.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 lg3.media.net googleads.g.doubleclick.net
cubdomain.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 hblg.media.net googleads.g.doubleclick.net
2 pm.w55c.net 1 redirects blank
2 sync-tm.everesttech.net 2 redirects
2 cdn.js7k.com blank
pn.ybp.yahoo.com
2 s.yimg.com blank
2 lexicon.33across.com 1 redirects
2 33across-match.dotomi.com 2 redirects
2 sync.mathtag.com 2 redirects
2 eus.rubiconproject.com hde.tynt.com
eus.rubiconproject.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 api.intentiq.com resources.infolinks.com
2 sync.intentiq.com 1 redirects router.infolinks.com
2 cms.quantserve.com 2 redirects
2 ap.lijit.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ad.360yield.com 2 redirects
2 stags.bluekai.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 u.openx.net 2 redirects
2 www.googletagmanager.com cubdomain.com
www.googletagmanager.com
2 cdn.jsdelivr.net cubdomain.com
1 beap-bc.yahoo.com cdn.js7k.com
1 sync.srv.stackadapt.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 csync.loopme.me 1 redirects
1 qsearch-a.akamaihd.net googleads.g.doubleclick.net
1 www.ebay.com resources.infolinks.com
1 warp.media.net googleads.g.doubleclick.net
1 c.bing.com 1 redirects
1 onevideosync.uplynk.com blank
1 dis.criteo.com blank
1 ssp-sync.criteo.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 fonts.gstatic.com fonts.googleapis.com
1 vjs.zencdn.net resources.infolinks.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 service.idsync.analytics.yahoo.com blank
1 pn.ybp.yahoo.com blank
1 prod-m-node-1213.ssp.yahoo.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 secure-assets.rubiconproject.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 sync1.intentiq.com
1 cdn-ima.33across.com resources.infolinks.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ssp.disqus.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 secure.adnxs.com 1 redirects
1 hde.tynt.com router.infolinks.com
1 de.tynt.com 1 redirects
1 static.cloudflareinsights.com cubdomain.com
1 www.cubdomain.com cubdomain.com
278 105
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-14 -
2023-06-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-24		 3 months crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-08 -
2023-05-10		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-27 -
2023-04-19		 2 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-30 -
2023-10-01		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
onevideosync.uplynk.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-24		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
www.ebay.com
Sectigo RSA Organization Validation Secure Server CA		 2022-08-16 -
2023-08-16		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
i.ebayimg.com
Sectigo RSA Organization Validation Secure Server CA		 2023-01-10 -
2024-01-10		 a year crt.sh

This page contains 36 frames:

Primary Page: https://cubdomain.com/
Frame ID: 4D102AFE7D94B93781221EBBACD688B0
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: BB7D3F22B59EA2F4359723CF66F214C2
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Frame ID: FFA915BCB04029DF2EA29DEF6AD9DF89
Requests: 20 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 380C50DD69AB444AA48256BCAB954BA8
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 79A7EE7D5C96EEFF0D17895B286E8FBA
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: C32EC7D6C90AF900A82496555AD35890
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&adk=1812271804&adf=3025194257&lmt=1677496357&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_l%7C140x540_r&format=0x0&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357062&bpp=9&bdt=832&idt=276&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7342740357682&frm=20&pv=2&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
Frame ID: 33BBF66190FBD29B409692A0F755695E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Frame ID: F7FD681816824A3C937F4B7ECD58479C
Requests: 16 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 44206F938C0C55479DAFD62C935A8885
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: C8C0C6629623FAB0FEDD847271680565
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9BA29F0BC64F04CA298A298242F17AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 194E350908642CD2C007196A70631586
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 5E51EB7F6631B51234D67E9890D4BAB9
Requests: 6 HTTP requests in this frame

Frame: https://pn.ybp.yahoo.com/ab/secure/true/imp/hdbXVv8zaUfeFNfXnYvez_F3xPIQjBLIaXLiccDBSRIZoWoHsv1m65e_Vc474ozYOlAba6dN1DXhfXHqCJ7u_eZqLS-pSqiBF3YT6mt5JZyXeP4bGtfmXLYscI40THXbCsLH5yrcQ--JqKSxPPKP2uZNeAR6po2YTKfORiiHxnD6A9gfAc7KLj4PqLLAcVDiJN8i-h3GTx_DyWeWVUu97vTkY4w726Ny1HmcnJXli0apN50GkhrxrU540PWfcTNAb8V_K_7ygUV1SKUX8Bj_RIL8-vn4C4eRkpKR8kNUQWcKNZqAKj7EJIBUalp-QI7wgt5kWk1tISh5_GbIhjrZrKR0yWDAanSfodQ51gw28WBsI2Fb8z-FouQcFsbJd-GBwU-qNxM_y1Sq_JM1OGt174IG12VAgIe0WnerUTLSe-TKwlM5hoVE5Dq89cKhyk9j63Wjeic-ccB-wR3PzcOPrFn0r5eyvVkNhRdUzHi23eIM1ONDTlms5lMAU2eUyxAGzfrheFPHcTA5RgTJ_AspanBFuPMjMwCfUKbvVCWM5ASXTDcHEf0GH0lqBwO5vld8Cdr-mJADTb2lbG4boBZ4RqVN4cqN3jykduFt65bi3KKHHozSl74sSLnaMykC_HKGjYAuzQNj19Xg8VheF8ZwxeC8pTf06uuoLxtpyKI9ncvQsYT_C1LY67lOb0hM5rjbGosMdTomByzmWxLdn65UV5WXSdbdxeofz6-wLwA1ju9soH1hrGClf8Pe4B3HyU6WOD7vLMxlN0DP6T_8qNsGvGbO3C_w4sxB47qp37-U7p3iL5STYy6SognIu_vHTX1MBdg7hytmuiKjo0_dsnX07_IAvu9u7lyfSltRQ492Vz9pxUBorYqGu4MRgL7xebRphd9TCuPZpnOxPrmr6w097jxJquSfTb0_c40fZef8Tdj0UGuZelK9kLdI6rtyuu86MDPLMIH6RV3FqgpC3jV0ho3FbRANGAVVckiB3PiYT0-I8Vex2-xTu5xVd36YDiClt4tv8hBV-zjQ8W-QaT9UTab8_hR6g9pInsTWBx4rkez7cvbnt3NuSBZ0aMcY1_HQFOynm2mZI1jxTktuOY908hsHGQSky7MTYZz77qwMWuInSrBBguBeP4Zpj6bHm2cbHti-hCg1ND4F1Z62Hhj0dG5NsfXMWqLdAV6-kkwKdGHHE2BiINB2ttZByZmWz8W5JBTSJdCrz0VQoMDViOJZERnTkybEOv5PQMbX6Dm-nUtxGPs6ur3BhKKzp34zF_4kTBh96VBKnZ_DD9-zF1efZzGGzMGOsDdqfW7qaY8hggoCXoLHQvVR7TjfrHPlI3Y6I5sskjNZpDFC2MspupyvhNpjkWoQNoM5gw5Op7zdK11S7pS0TsqklS1t1OKAmPyXjvOfbZQxf2bFqfDYanJM2_IOFOqmq9A3iU9_OP3v4ym06IH92hUn8cXMW3gJp86TCA88kQ7LUjUAnW7fjsBxi1auN5AaY72KUHiswvBgIUOLh0JEZfUCFk8PEAAD2lkkNteWfFy5Wznty-ppDf_D5P-0nmglkP9rdauQvW9NJ1C3-I5EUDLehjgXADkPp719dnOo4GpJqyxSbAnFd6VbRtUSHVngMA7wL3gEKSdUQ337-Kq8SqzKVfDte2Q5_JNhp607C8ss45Q3fJ3H4l6-Og/wp/0.292181/tr/null/pa/null/pclick/https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3D
Frame ID: 3536E4B5739A97A84333F70AB2E1DAEF
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: 98F2925E865C64A826EC3DAFA9BAC85A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: C0A906D8D29355FF20B51C249EB02364
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 30DADF908F6EADB7896C1BA12897783B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Frame ID: A53E6E5442BECDC4628C96A7C77FF7A9
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: 05B76AE72B2AF60394ADB9820A7724DF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D130609B645F335BA5278156AD430D06
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Frame ID: CA593F47C9D1885735C1EBDA6C66CF94
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 58A63C26FB226F162575414E38E1AD44
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 03CCDBA2A6483ED2505F4B0A078ED2FC
Requests: 1 HTTP requests in this frame

Frame: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Frame ID: F5E568952F4B61BCBBFDE0876B507196
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: E37A70F7BBBFB26C6FA118A993841E29
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 2CB6EBA7B6AC451084B08F3D68809AF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 69721C1D88AE93E7E68C78E34558D702
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CURC8I25&prvid=2033%2C294%2C3018%2C313%2C238%2C359%2C459%2C319%2C77%2C99%2C20000%2C184%2C262%2C460%2C241%2C461%2C462%2C188%2C246%2C4%2C10000%2C229%2C9%2C307&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 5A7E3B38E52D98407886650BF03010F3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFD93029CF80967BAAA4E76AC3C60851
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 80917DA83E1E166C12073BD13FB6E31C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Frame ID: 2D04DB6CECACDF8B3FDC44E3178C40FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 400DBC038A0BFF562379CF57D4F6BD41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF93E8568190C3EE28F2DE3D318828AE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js%3fadTagUrl=https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-video-pub-1463455084986126%2526slotname%253D345364575467565%2526ad_type%253Dvideo%2526description_url%253Dhttps%25253A%25252F%25252Fcubdomain.com%2526max_ad_duration%253D30000%2526videoad_start_delay%253D0&type=js&vpmute=1&vpa=1&rdp=0
Frame ID: DFD5208085A96B9A285F109300B4BCC7
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: 6FCA683117A7777C1213C5113A9052A5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js%3fadTagUrl=https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-video-pub-6373315980741255%2526slotname%253D463849%2526ad_type%253Dvideo%2526description_url%253Dhttps%25253A%25252F%25252Fcubdomain.com%2526max_ad_duration%253D30000%2526videoad_start_delay%253D0&type=js&vpmute=1&vpa=1&rdp=0
Frame ID: AB8728D440F2C097BFF2D5CFC25355B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CubDomain.com - Check Website Comprehensive Report

Page URL History Show full URLs

  1. http://cubdomain.com/ HTTP 301
    https://cubdomain.com/ Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

278
Requests

74 %
HTTPS

36 %
IPv6

66
Domains

105
Subdomains

58
IPs

6
Countries

3753 kB
Transfer

10082 kB
Size

116
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cubdomain.com/ HTTP 301
    https://cubdomain.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 22
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 24
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDcwNzA4MzctQjRBNS00REJDLTkxODQtMzVCMDkyNjBGQ0RC&gdpr=-1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDcwNzA4MzctQjRBNS00REJDLTkxODQtMzVCMDkyNjBGQ0RC&gdpr=-1&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D07070837-B4A5-4DBC-9184-35B09260FCDB HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=07070837-B4A5-4DBC-9184-35B09260FCDB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=07070837-B4A5-4DBC-9184-35B09260FCDB HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Deb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3536526977433063810&pt=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
Request Chain 25
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=3536526977433063810
Request Chain 26
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=95c2aaf5-751a-4498-9ee2-3baae689ca47
Request Chain 27
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3399&partner_device_id=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
Request Chain 28
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1677496357454 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5147515765 HTTP 302
  • https://sync.1rx.io/usersync/turn/2904119884902318991?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005 HTTP 302
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
Request Chain 29
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=4DttiO1g2cKjJjyTXxBw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHU2EI5DUNFHTCZZSMNFWUSTKPFKFQ6CCO4 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHU2EI5DUNFHTCZZSMNFWUSTKPFKFQ6CCO4 HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=4DttiO1g2cKjJjyTXxBw
Request Chain 30
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/tplift?uid=2800704551102332073957
Request Chain 31
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
  • https://router.infolinks.com/dyn/sonobi-usync?uid=db31c910-5a7c-4fd8-80e1-a65a20682c2c
Request Chain 32
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=0443a9dc-4194-45f8-8e89-ed394c1dc14f&partner_id=1531
Request Chain 33
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX~A
Request Chain 34
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=GOfACLZHW2bggVphS0qDYIgo
Request Chain 35
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D07070837-B4A5-4DBC-9184-35B09260FCDB HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=07070837-B4A5-4DBC-9184-35B09260FCDB
Request Chain 36
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP 302
  • https://router.infolinks.com/dyn/mnet-usync?uid=3204979571524164000V10
Request Chain 37
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7305892664 HTTP 302
  • https://sync.1rx.io/usersync/turn/2904119884902318991?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005 HTTP 302
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
Request Chain 38
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP 302
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
Request Chain 39
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=969470211960384216
Request Chain 40
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks HTTP 302
  • https://router.infolinks.com/dyn/disus?uid=ua-aefe1d9d-5cb9-390d-b220-8eb7a3e11275
Request Chain 41
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP 302
  • https://router.infolinks.com/dyn/33a-usync?uid=212088524569228
Request Chain 42
  • https://router.infolinks.com/dyn/iq-usync HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&3rddpi=2023874098&3rdpcid=Y-yQJZMVii9y9ywf1whDfAAA%26415&3rddpi=1639354730&3rdpcid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX%7EA&3rddpi=1213503647&3rdpcid=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-%7EA&3rddpi=1239766150&3rdpcid=95c2aaf5-751a-4498-9ee2-3baae689ca47&3rddpi=443164713&3rdpcid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
Request Chain 57
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=856708&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&tsrnd=979_1677496357477&jsver=5.32&abtp=100&abtg=A HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=856708&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&tsrnd=979_1677496357477&jsver=5.32&abtp=100&abtg=A&ckls=true&ci=FvY3C8eyD0&nc=false&trid=-1557006047
Request Chain 58
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&dcc=t
Request Chain 59
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFKZL7QEeElwUuEf9PQamEM&google_cver=1
Request Chain 60
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-yQJZMVii9y9ywf1whDfAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKHZWd3YZ-skhuZ_qcCVCrA&google_cver=1
Request Chain 61
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&expiration=1680088357&gdpr=0&gdpr_consent=
Request Chain 62
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=4DttiO1g2cKjJjyTXxBw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NCEOR2GSTZRM4ZGGS3KJJVHSVCYPBBHO HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NCEOR2GSTZRM4ZGGS3KJJVHSVCYPBBHO HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4DttiO1g2cKjJjyTXxBw
Request Chain 63
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1947652079613187324&expiration=1678705957
Request Chain 64
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f8e9ceb-6511-487e-8c35-63edb5b48f37&expiration=1709032357
Request Chain 65
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3536526977433063810
Request Chain 73
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 74
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=RZ-d9UqcyaNeyZqvQpzWoEKVwqReysmhS5_V_0GM HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=95399994-aff6-43ee-92ed-ddbfaedd92c3 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=95399994-aff6-43ee-92ed-ddbfaedd92c3&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 75
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1677496357532.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4ba863fc-9026-4f00-ba10-3f7d40998704
Request Chain 76
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-3Hbu1_dE2uE01R2MqrcaAlcrgOYpaOhg~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-3Hbu1_dE2uE01R2MqrcaAlcrgOYpaOhg%7EA&ts=1677496357&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 77
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=7f00194e9dec06a3&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB6IXT8Pk5LQNw1knGAAAAAAA&expiration=1677582758&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB6IXT8Pk5LQNw1knGAAAAAAA&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 78
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2069069278710581256250 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2069069278710581256250&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 81
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=0.2.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=0.2.0&b=1&g=if6BcV%2BuV33VxMB9w2Y7lEm41YTphiJ7AZtZMFvU2ZM%3D
Request Chain 85
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=792a2bfe-ceb5-4d9a-84e8-969f30b991aa=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=792a2bfe-ceb5-4d9a-84e8-969f30b991aa=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252Chttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fta-usync%25253Fuid%25253Deb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2Chttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fta-usync%253Fuid%253Deb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C HTTP 302
  • https://router.infolinks.com/dyn/ta-usync?uid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c
Request Chain 102
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LEMQ0Q12-G-4PGH HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LEMQ0Q12-G-4PGH HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LEMQ0Q12-G-4PGH&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 116
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wZfNeMt7z0TFNlf-cmR6VA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3lOcMVBE2oIhQR._TLgzcFxA_BfZtTOpzRcifQ--~A
Request Chain 117
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-ppvziUuQZuaZmaa2jE-CQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ppvziUuQZuaZmaa2jE-CQ
Request Chain 118
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&gdpr=0&gdpr_consent=&expires=30
Request Chain 119
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNUTBRMTItRy00UEdI
Request Chain 120
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyZTA2NjM3ZmVjZTBjNzk2MzhlZWI0NWJkNmYyOTZlNjJjMjNhYQ
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFCfVW2Uu951zF7SemXxxMk&google_cver=1
Request Chain 122
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEMQ0Q12-G-4PGH
Request Chain 174
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-C23KsfxE2uUEintKxC5wWNrrqlgbpyo-~A%26gdpr%3d0%26gdpr_consent%3d%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENU0Ui_GMfE_A761sz0EL6k&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F36A4DC47814133B9133D3750DF1F20 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D07070837-B4A5-4DBC-9184-35B09260FCDB%26redir2%3Dtrue&xid=y-C23KsfxE2uUEintKxC5wWNrrqlgbpyo-~A HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=&uid=07070837-B4A5-4DBC-9184-35B09260FCDB&redir2=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/07070837-B4A5-4DBC-9184-35B09260FCDB&gdpr=0
Request Chain 175
  • https://sync-tm.everesttech.net/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D&_test=Y-yQJwAAATRbfgAF HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=Y-yQJwAAATRbfgAF&_origin=0&gdpr=0&gdpr_consent=&_test=Y-yQJwAAATRbfgAF
Request Chain 176
  • https://um.simpli.fi/yahoo?_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=2F36A4DC47814133B9133D3750DF1F20&_origin=0&gdpr=0&gdpr_consent=
Request Chain 177
  • https://ad.turn.com/r/cs?pid=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=2904119884902318991&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 178
  • https://pm.w55c.net/ping_match.gif?st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=
Request Chain 179
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=73 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
Request Chain 182
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/y-_dy1_K5E2uIlED_hAFKaaLytFAMjE7Y-~A
Request Chain 183
  • https://c.bing.com/c.gif?Red3=OATHMS_pd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msn/37DE24F61C8E6E260F8636331D306FB2
Request Chain 184
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&_origin=0&gdpr=0&gdpr_consent=
Request Chain 185
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-PyLcHodE2uFwVVTvd.tDTLGVZ5iDjw--~A&gdpr=0
Request Chain 187
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 201
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwNDk3OTU3MTUyNDE2NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEI1FTLw3BJsh4OhcWpcsjZU&google_cver=1
Request Chain 221
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c
Request Chain 222
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=b8579d86-bf52-40e5-877d-327e64f26f54&type=loop&gdpr_consent=null&gdpr=0
Request Chain 223
  • https://contextual.media.net/cksync.php?cs=1&type=vzn&ovsid={{APID}}&redirect=https%3A%2F%2Fpixel.advertising.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%24UID HTTP 302
  • https://pixel.advertising.com/ups/58222/sync?_origin=1&uid=3204979571524164000V10 HTTP 301
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3204979571524164000V10
Request Chain 224
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKQ4aah-zHYF0JbrGUgi2F8&google_cver=1&google_push=Aa02lx_cIHx1gpcUG4wYD3d87LtCBG2z3NUm9eSQco4328ZFGeqKxTnatBEIPO5v81Kklcj4zmpOKzPFywJwxJUw9y2w1ywr4K2T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=S6hj_JAmTwC6ED99QJmHBA&google_push=Aa02lx_cIHx1gpcUG4wYD3d87LtCBG2z3NUm9eSQco4328ZFGeqKxTnatBEIPO5v81Kklcj4zmpOKzPFywJwxJUw9y2w1ywr4K2T
Request Chain 225
  • https://um.simpli.fi/gp_match?google_gid=CAESEJJcs1wk6HGiuI8UHVh8oH0&google_cver=1&google_push=Aa02lx9mTAP6cB3px_WXlah7zELX2-83WH9yNH-FBKu9g18FvdxCbzpN_UkLbBcAga8MBO9iiBo1hqAIWFB-e8RY5NkMiY7VRRiD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F36A4DC47814133B9133D3750DF1F20&google_push=Aa02lx9mTAP6cB3px_WXlah7zELX2-83WH9yNH-FBKu9g18FvdxCbzpN_UkLbBcAga8MBO9iiBo1hqAIWFB-e8RY5NkMiY7VRRiD
Request Chain 226
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEHcHv1Gf9hsK3-YGQX0BTys&c_param1=Aa02lx-w2cM-3eyptvhk_235ptBtm5MInoZgrd-2M5MF6PB92Bd0w4uTBTeV1O1oyOsIbWay38uAjEqyE7idbj_em9Avs5roo7k&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-w2cM-3eyptvhk_235ptBtm5MInoZgrd-2M5MF6PB92Bd0w4uTBTeV1O1oyOsIbWay38uAjEqyE7idbj_em9Avs5roo7k
Request Chain 227
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECsPfuMlzDJz0sZYakq8bAY&google_cver=1&google_push=Aa02lx9MwosDPLKx2m7YhziCo75nmfPp6tDm6ecsPfIyf7I4TJlnOf8umjCMyezNqUb1Bl6gi_wqXiPdy_CxIXhcUCkMK1hOGyoV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NzY1MjA3OTYxMzE4NzMyNA&google_push=Aa02lx9MwosDPLKx2m7YhziCo75nmfPp6tDm6ecsPfIyf7I4TJlnOf8umjCMyezNqUb1Bl6gi_wqXiPdy_CxIXhcUCkMK1hOGyoV
Request Chain 228
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEA-APGgQn97Om1w9y7bf9yA&google_cver=1&google_push=Aa02lx9OwV-fo7c4LwGDgbAMXANOvQsJNVUcZboKgnPHmI9aOKvpFRvY3DweSLQCGDcKqPMVyoJ6koH3lVGimzueJjY4GsTxk3LY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=L1ZOYqHQQcRqpmXCogLXkSaEdkk&google_push=Aa02lx9OwV-fo7c4LwGDgbAMXANOvQsJNVUcZboKgnPHmI9aOKvpFRvY3DweSLQCGDcKqPMVyoJ6koH3lVGimzueJjY4GsTxk3LY
Request Chain 229
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFo-23L0TXQXfWlBBFDT-fU&google_cver=1&google_push=Aa02lx95J1rRRLgFFOgw-dv1yY3jeBSxWR-c1MR2PDvdpP44gWtWnhDWpjH7PA-T-8r2eZoWBGLHo93Mmb_dmTE2RiZQaRXaZ3anTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx95J1rRRLgFFOgw-dv1yY3jeBSxWR-c1MR2PDvdpP44gWtWnhDWpjH7PA-T-8r2eZoWBGLHo93Mmb_dmTE2RiZQaRXaZ3anTA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 230
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHy3IR1a6I9KeoZrIRJQKNo&google_cver=1&google_push=Aa02lx8PhUcntfw6M4_qvEANKODjlnLhO-XbXJ_TPcKRlLwic3wsP9vQrOvJiYlNMO7GTq1tCmS7jRt6g9xPRlnD1yhaKR4uxDI1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MmM3YmVhZDUtNWU4Zi00NzJhLTkyZmYtNjA3MDVlN2JmN2M4&google_push=Aa02lx8PhUcntfw6M4_qvEANKODjlnLhO-XbXJ_TPcKRlLwic3wsP9vQrOvJiYlNMO7GTq1tCmS7jRt6g9xPRlnD1yhaKR4uxDI1 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

278 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cubdomain.com/
Redirect Chain
  • http://cubdomain.com/
  • https://cubdomain.com/
26 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
250154aaeb73807135d81c49d02c5729d258ae19f7d22bc24ce017ccc0ee2893
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7a007c814ec99ae5-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 27 Feb 2023 11:12:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfYYYmsBZH2L590hISQ3%2BFh3sHTMzSAUTwbh4huUDr7qroCNlqOCxrr255Ukc%2F4mhi%2Ba81YZFtfvSDjd9NpGbm5deNNXY52LZvxIpPgnMojFHvhXtw8NCWcDznIIu2CDoQKOoW%2FBvcXa2iU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
ASP.NET

Redirect headers

CF-RAY
7a007c807befdae5-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 27 Feb 2023 11:12:35 GMT
Expires
Mon, 27 Feb 2023 12:12:35 GMT
Location
https://cubdomain.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BE%2BQAt4rdPnArEvx7jRjdgXc7scuHo5Qztr%2B2QU%2FgZ3aCV6YjvZyE50jeUsWn%2FBPJUkzIeWd412CHwYTHduCKIcGTdeUJG0BAn4OmC65OKQGUUTWE0AHN9QvUs3%2BOpQxaDF09XMA%2FlVWgA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Server-Timing
cf-q-config;dur=5.0000016926788e-06
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
leaflet.min.css
cdn.jsdelivr.net/combine/npm/bootstrap@5/dist/css/bootstrap.min.css,npm/leaflet@1/dist/ 		201 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/bootstrap@5/dist/css/bootstrap.min.css,npm/leaflet@1/dist/leaflet.min.css
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
87a9bb2c0d13183c255aa63e939708206dc2a91d6f0dc97b5ee4a76a2aefd95b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 11:12:36 GMT
age
9920
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30446
x-served-by
cache-fra-eddf8230088-FRA, cache-fty21334-FTY
etag
W/"325cd-gaW/WwF4i69uoEnSU/EQP+xyb48"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3083218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10480
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOs25OxiAn6ae5bBTsrbbW7Y7E1lMAyBur5fPK1Ng4BvZ2y3ZPDV3kg5j97oc9tp82mWtxspzSMtTLSMiQ6DKHgnEi0fbsvngggJEhNuOQkurIKBm5I1pV9AcjY8YNIz%2B9S0c3qBtSK9uW4KafqxoVTi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a007c830ce502a4-MIA
expires
Sat, 17 Feb 2024 11:12:36 GMT
cd.min.css
cubdomain.com/bundle/css/ 		91 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cubdomain.com/bundle/css/cd.min.css?v=3h-SLIKvg_RkzNaCmrmcKDft3a_D0Qen0aroYp5v_VM
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
de1f922c82af83f464ccd6829ab99c2837edddafc3d107a7d1aae8629e6ffd53
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sun, 10 Jul 2022 21:30:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"1d894a450e3ed2f"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Rv8sidApKXkX2%2FDc32r6otuw9PiYb6%2B%2FcuOTbcbOyp9iOwI0%2F24HdmbsCkx%2FE3VK%2FdCLocmSM0gSi9m2RpyEz%2FW3q15Q2mLnp8O373xKg1VA%2FPEUlrV%2BLt5%2BHibX9vXTC5Mr3r8kGC5vME%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7a007c82880e9ae5-MIA
cubdomain-logo.png
www.cubdomain.com/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cubdomain.com/img/cubdomain-logo.png
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8e9ada2895b99605f44e4b301b8490ae5ae54646646411c5958daf428271f5f9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1182690
cf-polished
origSize=15592
x-powered-by
ASP.NET
content-length
8270
cf-bgj
imgq:100,h2pri
last-modified
Fri, 18 Jan 2019 01:38:54 GMT
server
cloudflare
etag
"1d4aece9234b7e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPwKZIkeC65f1CNb%2B%2FPXFcCcxAIoWXM20cytFCEmHYuvOo0ClJ6YFow5vq3lR7wOO%2BIXlKadvT%2BYgGvljZol39uTEIqLlQ0BekX095D%2F%2F83Os5vkqvrqc9JAiXAQ1XHfc5x2XErA6enQ7lrSq8ro"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7a007c82c8499ae5-MIA
rocket-loader.min.js
cubdomain.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cubdomain.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 22 Feb 2023 10:50:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"63f5f393-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfM4Fut2Ka1JIXgNN1nw1tNa5y3z6NKQW8c5Q6AEdmt9PwXYWkXRHRJRBS9tokwpDVOvy3tG6%2Fd7hxi1saEsYU1k4kgkKvlXIql5voeYm%2FQjz0tqYb0sgrzW9WTovP2YcmeTGfSeD1GdPDs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a007c82b83a9ae5-MIA
expires
Wed, 01 Mar 2023 11:12:36 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://cubdomain.com/
Origin
https://cubdomain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7a007c833a86db2d-MIA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7560742c44ea24b691ef049a0005069451550e1aaed824ad1099c47dbdeabc58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
cafe
etag
2970134564437248605
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 11:12:36 GMT
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
976021ffdea6b4b2d2696bb52429baed6d49ff320bf3c38fbd07159107ca822c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 27 Feb 2023 09:56:43 GMT
server
cloudflare
age
4549
etag
W/"eb8-5f5ab7f15d163"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7a007c857c7802dc-MIA
expires
Mon, 27 Feb 2023 10:56:47 GMT
home.min.js
cubdomain.com/bundle/js/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cubdomain.com/bundle/js/home.min.js?v=1rnY_rY0as2wX4HVdRGhwFFCviV43hYxniAjrDXgeKE
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d6b9d8feb6346acdb05f81d57511a1c05142be2578de16319e2023ac35e078a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sun, 10 Jul 2022 21:30:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"1d894a450e20b7b"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXfkL7WkvnqC1PlAnCbKNNdoRb7byxJmStqMwfYWRixz7dwqjPG80z%2F3Z%2BVmLqlskpI9qfIUaRBeiEnb9y%2Fh2WyWlTTJGczsrKSyuF1mdaqw0b07qEs817%2BOoU57JaaVUUQrbXluGEFUhHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7a007c84fa1b9ae5-MIA
pgwbrowser@1
cdn.jsdelivr.net/combine/npm/jquery@3,npm/bootstrap@5,npm/chart.js@3,npm/moment@2,npm/leaflet@1,npm/ 		552 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/jquery@3,npm/bootstrap@5,npm/chart.js@3,npm/moment@2,npm/leaflet@1,npm/pgwbrowser@1
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3870100cd42756d2731a2cc67f0e7ac14e9ca449caf10d4669259bffde8f50cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 11:12:36 GMT
age
9919
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
176851
x-served-by
cache-fra-eddf8230110-FRA, cache-fty21334-FTY
etag
W/"89f43-M/AFk6VpxT4A1F+f8tqPW7XB4t0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
661712cc67306e9cf1b385985e9c3fb900acc13c34e23ee89fdaf9723206ae7a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://cubdomain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
351435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76764
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-12bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nD9rGfpz3zhs0lUSb6YiwCd1KQWs7Fun%2FDWlto0qaIwBcABm%2BiM4gtG0Pwo%2BQGm45CSLAcENwkzGppDZ5YuWs7NQrpzR7PzEGzA9HFWWwQPjuk%2B5UtrGNA06Rh41gbbMEOsULV5ZaiVJ%2Bq5nE7j5vOf7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a007c8559c73360-MIA
expires
Sat, 17 Feb 2024 11:12:36 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://cubdomain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:36 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2799974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78196
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw4kIpBQK85bdZB0UYwvz2CZJtLzEMma9pE%2FtMWxpMEQabfEVm2qyPZPINIAHoEjJkL6wGFbWl2Y7TTGbLEMSr4TDKhqPmZkBh8Sgjr%2FVXfkogsJU0dGJuYjQikonMYKBdIVu2XnryPlJ1INK55NYa5j"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a007c8559c93360-MIA
expires
Sat, 17 Feb 2024 11:12:36 GMT
ice.js
resources.infolinks.com/js/1849.013-3.025/ 		184 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1849.013-3.025/ice.js
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdef8ba28a5e3388b3badb8033a822d8ee556009f2a459eda35d548c53d8b0e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 18 Feb 2023 09:28:39 GMT
server
cloudflare
age
5763
etag
W/"2df91-5f4f60e1f1f7c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c878e1d02dc-MIA
expires
Wed, 29 Mar 2023 09:36:34 GMT
gtm.js
www.googletagmanager.com/ 		160 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCJ89XN
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c885ec1530556254f332ebcc5cdc91fc5972e010c676aeccfdc908ea1a3197b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60429
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 11:12:37 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 		365 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d406c2499361ef01cef5ec8080cc790dc40b652a6d5c7bf8394ed4d181c27300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122918
x-xss-protection
0
server
cafe
etag
1910215726132071384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 11:12:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame BB7D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
69638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Feb 2023 15:51:59 GMT
etag
10353107486223812946
expires
Sun, 12 Mar 2023 15:51:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
cubdomain.com/cdn-cgi/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cubdomain.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cubdomain.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7a007c87ed829ae5-MIA
manage
router.infolinks.com/usync/ Frame FFA9 		10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6aa46624952dfb4770ded49db06e2e6971ed23667d5d68b00ca4e52e2318f29

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
7a007c888ed002dc-MIA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 27 Feb 2023 11:12:37 GMT
p3p
CP="NON DSP NID OUR COR"
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		282 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72ca4da1c91950c05d19d69b666b5bfb900212b7376b15d63d782f5ab6fa62b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript;charset=ISO-8859-1
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
7a007c888ed202dc-MIA
gsd
router.infolinks.com/ 		334 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F&jsv=1849.013-3.025&_cb=16774963571860
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4bfd6c256cf83ea7eac1b74ecf751d3c58a24712c3f256ebd066c441faa338

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
7a007c888ed302dc-MIA
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
hde.tynt.com/deb/ Frame 380C
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e05965fdb8bf7540aee38cc02360bd6379bdbc3f09e7150b477427b57d4d5fc5

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1392
content-type
text/html
date
Mon, 27 Feb 2023 11:12:37 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 27 Feb 2023 11:12:36 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
usermatch
ssum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f246a4b7046c8b5717872c7cb37e57f3db3e619e79bf1c8a4b07a557036211

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7a007c8a1cda2293-MIA
content-encoding
br
content-type
text/html
date
Mon, 27 Feb 2023 11:12:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSkK%2FtR%2FDWJMpOCIi6aGKKUY1KYewUA5DpLUyjjG4YYo2K%2BFwCPTr2xvUKpVDRSJm%2F2R6TFldvm%2BYZHmOkAWiK2J35zwTFWBavG3cy5rPv8jbQqKEqKNjqOYLDxMTFJffvB0kjM%2FSWNpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7a007c899c3a2293-MIA
content-length
0
date
Mon, 27 Feb 2023 11:12:37 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulcfxIT%2ByMdXFGvww6TdR0o1oTq8ep%2Bkc4Zbmwmi19FH8ViP%2BSjpFPKoSKJK1wATwz%2FYSmWvsbSJAuytI66MRnKaXPGQFIkf39558%2FRrmWEFDWc7oQ4FfaCDIcMvyVhMeMqMAxuK%2FjeUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C32E 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://router.infolinks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
receive
pixel.tapad.com/idsync/ex/ Frame FFA9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDcwNzA4MzctQjRBNS00REJDLTkxODQtMzVCMDkyNjBGQ0RC&gdpr=-1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDcwNzA4MzctQjRBNS00REJDLTkxODQtMzVCMDkyNjBGQ0RC&gdpr=-1&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D07070837-B4A5-4DBC-9184-35B09260FCDB
  • https://router.infolinks.com/dyn/pbm-usync?uid=07070837-B4A5-4DBC-9184-35B09260FCDB
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=07070837-B4A5-4DBC-9184-35B09260FCDB
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Deb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3536526977433063810&pt=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3536526977433063810&pt=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Mon, 27 Feb 2023 11:12:38 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dc05e9df-14c0-4fef-940f-1d309b8e4406
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=3536526977433063810&pt=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apn-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=3536526977433063810
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=3536526977433063810
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8be96702dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT

Redirect headers

Date
Mon, 27 Feb 2023 11:12:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b29f218f-83c2-4c0b-b29b-7ec7e3749d61
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://router.infolinks.com/dyn/apn-usync?user_id=3536526977433063810
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=95c2aaf5-751a-4498-9ee2-3baae689ca47
35 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=95c2aaf5-751a-4498-9ee2-3baae689ca47
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8a988102dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT

Redirect headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://router.infolinks.com/dyn/ox-usync?uid=95c2aaf5-751a-4498-9ee2-3baae689ca47
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
receive
pixel.tapad.com/idsync/ex/ Frame FFA9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3399&partner_device_id=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3399&partner_device_id=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
ur-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1677496357454
  • https://ad.turn.com/r/cs?pid=45&rndcb=5147515765
  • https://sync.1rx.io/usersync/turn/2904119884902318991?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
35 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8e4b1102dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
Tengine
ETag
RXf9c8a9773eac45209328a23b4443e8b0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
Content-Type
text/html
Connection
keep-alive
zmn-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=4DttiO1g2cKjJjyTXxBw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TN...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TPOV2GK4RONFXGM33MNFXGW4ZOMNXW2L3EPFXC66TNNYWXK43ZNZRT6ZLYMNUGC3THMU6WS3TGN5WGS3TLOMTHK2LEHU2EI5DUNFHTCZZSMNFWUSTKPFKFQ6CCO4
  • https://router.infolinks.com/dyn/zmn-usync?uid=4DttiO1g2cKjJjyTXxBw
35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=4DttiO1g2cKjJjyTXxBw
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8deac102dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:38 GMT
Content-Type
text/html; charset=utf-8
Location
https://router.infolinks.com/dyn/zmn-usync?uid=4DttiO1g2cKjJjyTXxBw
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
90
Expires
Thu, 01 Dec 1994 16:00:00 GMT
tplift
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/tplift?uid=2800704551102332073957
35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/tplift?uid=2800704551102332073957
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8d5a5d02dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT

Redirect headers

location
https://router.infolinks.com/dyn/tplift?uid=2800704551102332073957
date
Mon, 27 Feb 2023 11:12:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sonobi-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
  • https://router.infolinks.com/dyn/sonobi-usync?uid=db31c910-5a7c-4fd8-80e1-a65a20682c2c
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sonobi-usync?uid=db31c910-5a7c-4fd8-80e1-a65a20682c2c
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8b18e702dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-142
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://router.infolinks.com/dyn/sonobi-usync?uid=db31c910-5a7c-4fd8-80e1-a65a20682c2c
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
imd-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=0443a9dc-4194-45f8-8e89-ed394c1dc14f&partner_id=1531
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=0443a9dc-4194-45f8-8e89-ed394c1dc14f&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8bd96402dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=0443a9dc-4194-45f8-8e89-ed394c1dc14f&partner_id=1531
access-control-allow-origin
*
date
Mon, 27 Feb 2023 11:12:37 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://router.infolinks.com/dyn/outh-usync?uid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX~A
35 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8b18e902dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX~A
date
Mon, 27 Feb 2023 11:12:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sovrn-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=GOfACLZHW2bggVphS0qDYIgo
35 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=GOfACLZHW2bggVphS0qDYIgo
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8e4b0f02dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

Date
Mon, 27 Feb 2023 11:12:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=GOfACLZHW2bggVphS0qDYIgo
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D07070837-B4A5-4DBC-9184-35B09260FCDB
  • https://router.infolinks.com/dyn/usersync?pmuservalue=07070837-B4A5-4DBC-9184-35B09260FCDB
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=07070837-B4A5-4DBC-9184-35B09260FCDB
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
7a007c8d5a5c02dc-MIA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=07070837-B4A5-4DBC-9184-35B09260FCDB
date
Mon, 27 Feb 2023 11:12:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
mnet-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
  • https://router.infolinks.com/dyn/mnet-usync?uid=3204979571524164000V10
35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/mnet-usync?uid=3204979571524164000V10
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8daa9802dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://router.infolinks.com/dyn/mnet-usync?uid=3204979571524164000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 27 Feb 2023 11:12:37 GMT
ur-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=infolinks
  • https://ad.turn.com/r/cs?pid=45&rndcb=7305892664
  • https://sync.1rx.io/usersync/turn/2904119884902318991?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fur-usync%3Fuid%3DRX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
  • https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8eab4102dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
Tengine
ETag
RXf9c8a9773eac45209328a23b4443e8b0005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/ur-usync?uid=RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
Content-Type
text/html
Connection
keep-alive
qc-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
  • https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8daa9602dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://router.infolinks.com/dyn/qc-usync?gdpr=0&uid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
zeta-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=969470211960384216
35 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=969470211960384216
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8e4b1002dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=969470211960384216
Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
disus
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fdisus%3Fuid%3D%24UID&partner=infolinks
  • https://router.infolinks.com/dyn/disus?uid=ua-aefe1d9d-5cb9-390d-b220-8eb7a3e11275
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/disus?uid=ua-aefe1d9d-5cb9-390d-b220-8eb7a3e11275
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c912d0502dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

location
https://router.infolinks.com/dyn/disus?uid=ua-aefe1d9d-5cb9-390d-b220-8eb7a3e11275
pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-store
content-length
0
expires
0
33a-usync
router.infolinks.com/dyn/ Frame FFA9
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
  • https://router.infolinks.com/dyn/33a-usync?uid=212088524569228
35 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/33a-usync?uid=212088524569228
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8e4b1202dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://router.infolinks.com/dyn/33a-usync?uid=212088524569228
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame FFA9
Redirect Chain
  • https://router.infolinks.com/dyn/iq-usync
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&3rddpi=2023874098&3rdpcid=Y-yQJZMVii9y9ywf1whDfAAA%26415&3rddpi=...
43 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&3rddpi=2023874098&3rdpcid=Y-yQJZMVii9y9ywf1whDfAAA%26415&3rddpi=1639354730&3rdpcid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX%7EA&3rddpi=1213503647&3rdpcid=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-%7EA&3rddpi=1239766150&3rdpcid=95c2aaf5-751a-4498-9ee2-3baae689ca47&3rddpi=443164713&3rdpcid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Server
2600:9000:2510:b000:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
2w9ExgA-tVH58k4FfMHknUeh1E967PWeLejrFJ2bn9nkokAHHCxECg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1509139146&pcid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&3rddpi=2023874098&3rdpcid=Y-yQJZMVii9y9ywf1whDfAAA%26415&3rddpi=1639354730&3rdpcid=y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX%7EA&3rddpi=1213503647&3rdpcid=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-%7EA&3rddpi=1239766150&3rdpcid=95c2aaf5-751a-4498-9ee2-3baae689ca47&3rddpi=443164713&3rdpcid=5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
cache-control
no-store
cf-ray
7a007c8e1ae602dc-MIA
content-length
0
doq.htm
rt3019.infolinks.com/action/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/doq.htm?pcode=utf-8&r=16774963573091
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
187616f8eb5502e776504cbb8117a768a15e38154007b6e22e5150a10191b9e6

Request headers

Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://cubdomain.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
en-US
cf-ray
7a007c89dc3d3341-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
iqusync-1.22.min.js
resources.infolinks.com/static/usync/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/usync/iqusync-1.22.min.js
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/lcmanage?pid=3316507&wsid=0&pdom=cubdomain.com&purl=https%3A%2F%2Fcubdomain.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc9c4e8af7e8cd21e77fef4dc6e94a70e2344a30753ef52f1b155703cd435f77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 13:25:02 GMT
server
cloudflare
age
5918
etag
W/"c93-5f494c6433a6a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c894f8402dc-MIA
expires
Wed, 29 Mar 2023 09:33:59 GMT
cookie.js
partner.googleadservices.com/gampad/ 		393 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=cubdomain.com&callback=_gfp_s_&client=ca-pub-1887252086442101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53e6457b5c17de96b796b245329fb9cc366ac189b5ae125ab7d2feefb6ea2033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cubdomain.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33BB 		249 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&adk=1812271804&adf=3025194257&lmt=1677496357&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x540_l%7C140x540_r&format=0x0&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357062&bpp=9&bdt=832&idt=276&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7342740357682&frm=20&pv=2&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf8676faa0ff47dfbe6fbc792c2a06f37ea12d5176a2dbf35b404e8270d0e146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
67282
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:38 GMT
expires
Mon, 27 Feb 2023 11:12:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fda429d756b94c06bc7d1fb1dbf0db55c787d5fa9fe964337b7cfc182f994d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11193
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F7FD 		103 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c341fb0279a57b07355442b158ab9aabadc74b573991db0c5f07c534d7172520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34712
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:38 GMT
expires
Mon, 27 Feb 2023 11:12:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		292 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1509139146&pt=17&dpn=1&idtype=0&pcid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&dbsaved=true&fbp=646215241
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.22.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-8.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
a04105cc96823158c335004dc7c4480f70424711517aa81cd753a29c2417279b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://cubdomain.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
sCCP7D47MEXG1ZI7af1Euw8aZzpPfHRFGckIKjTeHxf22ToOpE6vTg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
iquid.js
resources.infolinks.com/static/ 		51 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/iquid.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.22.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 10:55:02 GMT
server
cloudflare
age
3186
etag
W/"cdcf-5f20ef2efeb40"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c89f81d02dc-MIA
expires
Wed, 29 Mar 2023 10:19:31 GMT
ima.js
cdn-ima.33across.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/usync/iqusync-1.22.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cc86861c8349bf926ab5460a0cbd3ed9196006f30160a29e86f23061ab10fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 18:29:43 GMT
server
cloudflare
age
57511
etag
W/"63d95e17-5729"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7a007c8af997da6f-MIA
expires
Tue, 28 Feb 2023 11:12:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJ89XN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 10:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Feb 2023 12:47:24 GMT
6x76cn33lg
www.clarity.ms/tag/ 		542 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/6x76cn33lg?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJ89XN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e52250e8324836d5c9182ee9946de5f2e4d43dc69bebf32c8eddb5dcc15275dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 27 Feb 2023 11:12:37 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0JZD8YwAAAADM+vszGL5CRqpdKJolrJ3KTUlBRURHRTIyMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
js
www.googletagmanager.com/gtag/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M2DR8J2TD3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MCJ89XN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
125920c62731ed3aaf1b7a3ee0d304ac5cab2d83381a012022bd207486460fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77843
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Feb 2023 11:12:37 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		92 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=328512134&pt=17&dpn=1&jsver=5.32&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=168_1677496357476&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/iquid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-8.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
87668d5e2a485f0f503da6e87ae30b8ac218985583c7862035cb6bf1f190e90a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://cubdomain.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
i5PpVNt-yWVaSJOB0YppCyXOVQRXBuWQo3mTZBSoSvsza6jdqHfZBA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=856708&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=856708&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&tsr...
43 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=856708&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&tsrnd=979_1677496357477&jsver=5.32&abtp=100&abtg=A&ckls=true&ci=FvY3C8eyD0&nc=false&trid=-1557006047
Protocol
H2
Server
18.164.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-113.jfk50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
fs7riifchNS3CV4HMC_RHE03CpbjPCUGDgqkLV8As70nkXTO1njCug==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=328512134&rnd=856708&iiqidtype=2&iiqpcid=ee0092ae-5a5f-4631-ae6b-fcd8041d7862&iiqpciddate=1677496357414&tsrnd=979_1677496357477&jsver=5.32&abtp=100&abtg=A&ckls=true&ci=FvY3C8eyD0&nc=false&trid=-1557006047
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
prJHNfiKVrDmopRgcE7rZ1dMz1c99j80BxecvABAHKoAoKaB_ARTUw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 79A7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6D6SVCVYS8MF1KCZW4R9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R7RMH90GFDAY1MN87GYK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y_yQJZMVii9y9ywf1whDfAAAAZ8AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFKZL7QEeElwUuEf9PQamEM&google_cver=1
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFKZL7QEeElwUuEf9PQamEM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B6%2F09AQkbAFjFo5JzgIFGpNLZMuDptiAHmFoilza3cze3WVDn7AwTEWAUNsu6czfdp3qguhAZM333M52Qb1MinXBj8J069%2FixUBTO34A1%2BRib92%2BNaGPBN9G7rn%2FBCgZp6ohP9Lu6gDLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7a007c8d4ea70341-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFKZL7QEeElwUuEf9PQamEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-yQJZMVii9y9ywf1whDfAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKHZWd3YZ-skhuZ_qcCVCrA&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKHZWd3YZ-skhuZ_qcCVCrA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKHZWd3YZ-skhuZ_qcCVCrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&expiration=1680088357&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&expiration=1680088357&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&expiration=1680088357&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=4DttiO1g2cKjJjyTXxBw&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NCEOR2GS...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4DttiO1g2cKjJjyTXxBw
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4DttiO1g2cKjJjyTXxBw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=4DttiO1g2cKjJjyTXxBw
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1947652079613187324&expiration=1678705957
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1947652079613187324&expiration=1678705957
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1947652079613187324&expiration=1678705957
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f8e9ceb-6511-487e-8c35-63edb5b48f37&expiration=1709032357
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f8e9ceb-6511-487e-8c35-63edb5b48f37&expiration=1709032357
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=7f8e9ceb-6511-487e-8c35-63edb5b48f37&expiration=1709032357
Date
Mon, 27 Feb 2023 11:12:37 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame 79A7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3536526977433063810
43 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3536526977433063810
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UecSb3ixJYjJEYI%2BY8HT%2BpKdUftINjEzpxpvNL0kX8JCuj%2BP3I8utz2Zg6XQSdE42MV%2B01bYIZRkXEQNFdHKDuzqTTCjKr6RxYxhD0DfQ9ZbBWTMLXWbpdufo2xOTpu5Cd%2FwXnN%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7a007c8d0f63336d-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 27 Feb 2023 11:12:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
594dec62-76be-441d-834e-a6498dd6cd5b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3536526977433063810
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ix-usync
router.infolinks.com/dyn/ Frame 79A7 		35 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=Y-yQJZMVii9y9ywf1whDfAAA%26415
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8af8c802dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:37 GMT
in_search.js
resources.infolinks.com/js/1849.013-3.025/ 		222 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1849.013-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e24f5c06a55071ace58890ae968f2437d29f0332718689b5e086e55db291c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 18 Feb 2023 09:28:39 GMT
server
cloudflare
age
5654
etag
W/"37760-5f4f60e1f1b94"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c8af8cb02dc-MIA
expires
Wed, 29 Mar 2023 09:38:23 GMT
bubble.js
resources.infolinks.com/js/1849.013-3.025/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1849.013-3.025/bubble.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17497c704b79b84614b5319952fd19919e6649b959ecff2eacb77283f348d5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 18 Feb 2023 09:28:39 GMT
server
cloudflare
age
2128
etag
W/"26f1b-5f4f60e1f1b94"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c8af8cd02dc-MIA
expires
Wed, 29 Mar 2023 10:37:09 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ca69c8dc0ab18c0a31c2b04b837bc181aeb875a2f592fb1d48a1638c4358952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123572
x-xss-protection
0
expires
Mon, 27 Feb 2023 11:12:37 GMT
pbice.js
resources.infolinks.com/js/pbice/3.025/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 09:40:59 GMT
server
cloudflare
age
6062
etag
W/"45adc-5c5f8851c3ea8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c8af8ce02dc-MIA
expires
Wed, 29 Mar 2023 09:31:35 GMT
container-1.0.html
resources.infolinks.com/static/ Frame 4420 		430 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-1.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
11344
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
7a007c8b18e602dc-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 11:12:37 GMT
expires
Wed, 29 Mar 2023 08:03:33 GMT
last-modified
Wed, 17 Nov 2021 13:25:02 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:37 GMT
usync.html
eus.rubiconproject.com/ Frame C8C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 11:12:37 GMT
etag
"40010-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 27 Feb 2023 11:12:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame 380C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=the33across&gdpr=0&user_id=RZ-d9UqcyaNeyZqvQpzWoEKVwqReysmhS5_V_0GM
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=95399994-aff6-43ee-92ed-ddbfaedd92c3
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=95399994-aff6-43ee-92ed-ddbfaedd92c3&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=95399994-aff6-43ee-92ed-ddbfaedd92c3&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=95399994-aff6-43ee-92ed-ddbfaedd92c3&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 380C
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1677496357532.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4ba863fc-9026-4f00-ba10-3f7d40998704
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4ba863fc-9026-4f00-ba10-3f7d40998704
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 27 Feb 2023 11:12:38 GMT
Server
MT3 530 4e92630 master ord-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=4ba863fc-9026-4f00-ba10-3f7d40998704
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Feb 2023 11:12:37 GMT
match
events-ssc.33across.com/ Frame 380C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-3Hbu1_dE2uE01R2MqrcaAlcrgOYpaOhg~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-3Hbu1_dE2uE01R2MqrcaAlcrgOYpaOhg%7EA&ts=1677496357&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-3Hbu1_dE2uE01R2MqrcaAlcrgOYpaOhg%7EA&ts=1677496357&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-3Hbu1_dE2uE01R2MqrcaAlcrgOYpaOhg%7EA&ts=1677496357&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 380C
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=7f00194e9dec06a3&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAB6IXT8Pk5LQNw1knGAAAAAAA&expiration=1677582758&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB6IXT8Pk5LQNw1knGAAAAAAA&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB6IXT8Pk5LQNw1knGAAAAAAA&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAB6IXT8Pk5LQNw1knGAAAAAAA&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 380C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=2069069278710581256250
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2069069278710581256250&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2069069278710581256250&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=2069069278710581256250&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
collect
www.google-analytics.com/g/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-M2DR8J2TD3&gtm=45je32m0&_p=1337071579&cid=1180126012.1677496357&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677496357&sct=1&seg=0&dl=https%3A%2F%2Fcubdomain.com%2F&dt=CubDomain.com%20-%20Check%20Website%20Comprehensive%20Report&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M2DR8J2TD3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cubdomain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-c-sc/s/0.7.2/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6x76cn33lg?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
06oj8YwAAAACjhDRECRCVRIj5VYB2xFTMTU5aMjIxMDYwNjEyMDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d9420b80f81c1c"
x-azure-ref
0JZD8YwAAAACh3GI8DQInS45JTpfmvxfkTUlBRURHRTIyMTAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=0.2.0
  • https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=0.2.0&b=1&g=if6BcV%2BuV33VxMB9w2Y7lEm41YTphiJ7AZtZMFvU2ZM%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=0.2.0&b=1&g=if6BcV%2BuV33VxMB9w2Y7lEm41YTphiJ7AZtZMFvU2ZM%3D
Protocol
H2
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://cubdomain.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://cubdomain.com
location
https://lexicon.33across.com/v1/envelope?pid=0015a0000344WLkAAM&src=ima&ver=0.2.0&b=1&g=if6BcV%2BuV33VxMB9w2Y7lEm41YTphiJ7AZtZMFvU2ZM%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
getads.htm
rt3019.infolinks.com/action/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22homes%22%2C%22scs%22%3A%22aS2CXqcQDq%22%7D%5D&rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&jsv=1849.013-3.025&sr=1600X1200&rts=1677496357768&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=110.0.5481.177&dv=p&ce=t&purl=https%3A%2F%2Fcubdomain.com%2F&tzo=-0000&c=c&strg=true&pitc=91~M8V0P2dxLOGCWfhNh4ZCExodL9Vp8eFi&rsd=ZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB&rsk=76&rcs=7mi0N8Tk2wFTiNll69cR2A&cuid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&ique=&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca91149285e8b41f34a6ad7bd23ce45e905acd6d191e7582a77b65793cfa7136

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c8c299702dc-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
intag_incontent.js
resources.infolinks.com/js/1849.013-3.025/ 		199 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1849.013-3.025/intag_incontent.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8089495c7dd4f2030ed449649d4cc8271eda9e0566d11112d55cc22b7170316

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:37 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 18 Feb 2023 09:28:39 GMT
server
cloudflare
age
2788
etag
W/"31bf3-5f4f60e1f13c4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c8c299902dc-MIA
expires
Wed, 29 Mar 2023 10:26:09 GMT
collect
www.google-analytics.com/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1337071579&t=pageview&_s=1&dl=https%3A%2F%2Fcubdomain.com%2F&ul=en-us&de=UTF-8&dt=CubDomain.com%20-%20Check%20Website%20Comprehensive%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=742443616&gjid=1360477716&cid=1180126012.1677496357&tid=UA-101202427-1&_gid=2012391706.1677496358&_r=1&_slc=1&gtm=45He32m0n81MCJ89XN&z=1548884552
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cubdomain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ta-usync
router.infolinks.com/dyn/ Frame 4420
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=792a2bfe-ceb5-4d9a-84e8-969f30b991aa=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7BTA_DE...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=792a2bfe-ceb5-4d9a-84e8-969f30b991aa=&partner_id=3337&partner_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fta-usync%3Fuid%3D%24%7...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%252Chttps%25253A%25252F%25252Frouter.infolinks.com%25252Fdyn%25252Fta-usync%25253Fui...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&ttd_puid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c%2Chttps%253A%252F%252Frouter.infolinks...
  • https://router.infolinks.com/dyn/ta-usync?uid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c
35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ta-usync?uid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
7a007c8ecb5402dc-MIA
content-length
35
expires
Sun, 27 Feb 2022 11:12:38 GMT

Redirect headers

date
Mon, 27 Feb 2023 11:12:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://router.infolinks.com/dyn/ta-usync?uid=eb644950-4fc1-4c1e-9446-9a6dcaa5c51c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
stats.g.doubleclick.net/j/ 		2 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-101202427-1&cid=1180126012.1677496357&jid=742443616&gjid=1360477716&_gid=2012391706.1677496358&_u=YADAAEAAAAAAACAAI~&z=980084622
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 27 Feb 2023 11:12:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cubdomain.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcl.htm
rt3019.infolinks.com/action/ 		0
120 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/dcl.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&jsv=1849.013-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c8d0a3402dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3019.infolinks.com/action/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_CONTENT0%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22c%22%2C%22miw%22%3A14%2C%22maw%22%3A1614%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22homes%22%2C%22scs%22%3A%22aS2CXqcQDq%22%7D%5D&rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&jsv=1849.013-3.025&sr=1600X1200&rts=1677496357945&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=110.0.5481.177&dv=p&ce=t&purl=https%3A%2F%2Fcubdomain.com%2F&tzo=-0000&c=c&strg=true&pitc=91~M8V0P2dxLOGCWfhNh4ZCExodL9Vp8eFi&rsd=ZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB&rsk=76&rcs=7mi0N8Tk2wFTiNll69cR2A&cuid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&ique=&hbnr=true
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
314424498540c8a6be07bb2fa6c58b8fbfde7734374b52a1af8c48df8de654ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c8d4a4a02dc-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3019.infolinks.com/action/ 		0
45 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/dcl.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&jsv=1849.013-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A1%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c8d4a4c02dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3019.infolinks.com/action/ 		562 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A14%2C%22maw%22%3A1614%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22sdata%22%3A%22month%22%2C%22scs%22%3A%22MEqj_DrGDX%22%7D%5D&rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&jsv=1849.013-3.025&sr=1600X1200&rts=1677496357949&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=110.0.5481.177&dv=p&ce=t&purl=https%3A%2F%2Fcubdomain.com%2F&tzo=-0000&c=c&strg=true&pitc=91~M8V0P2dxLOGCWfhNh4ZCExodL9Vp8eFi&rsd=ZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB&rsk=76&rcs=7mi0N8Tk2wFTiNll69cR2A&cuid=792a2bfe-ceb5-4d9a-84e8-969f30b991aa&ique=&hbnr=true
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e9503b9419cb154bf2bc1b74c239523425098fbcc42e5da5be77e20a4289d3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c8d4a4d02dc-MIA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
t.clarity.ms/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://cubdomain.com
date
Mon, 27 Feb 2023 11:12:37 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9BA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
20852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 05:25:06 GMT
expires
Tue, 27 Feb 2024 05:25:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 194E 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fea59b05b79ae05d4e63bd254de222aa63437d978c1d49d9a0c1108d593b8931
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JjEQYRfFNGWsikOcV53d3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-JjEQYRfFNGWsikOcV53d3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:38 GMT
expires
Mon, 27 Feb 2023 11:12:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame C8C0 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
02d30af89e689b202bbe46caffa50312ba5ffd209dd2ced87de71f582eadb703

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
last-modified
Mon, 27 Feb 2023 02:44:25 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55863
content-length
10007
expires
Tue, 28 Feb 2023 02:43:41 GMT
vidice.js
resources.infolinks.com/js/vidice/2.0/ 		333 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jan 2022 09:20:02 GMT
server
cloudflare
age
13412
etag
W/"5344d-5d6649709d511"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7a007c8ddabb02dc-MIA
expires
Wed, 29 Mar 2023 07:29:06 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-101202427-1&cid=1180126012.1677496357&jid=742443616&_u=YADAAEAAAAAAACAAI~&z=1457921915
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame C8C0 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame A9BA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
406371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 194E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=1813829335459140&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
collect
t.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://cubdomain.com
date
Mon, 27 Feb 2023 11:12:37 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
generate_204
tpc.googlesyndication.com/ Frame A9BA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nGTKxA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
events-ssc.33across.com/ Frame C8C0
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LEMQ0Q12-G-4PGH
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LEMQ0Q12-G-4PGH
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LEMQ0Q12-G-4PGH&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LEMQ0Q12-G-4PGH&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LEMQ0Q12-G-4PGH&ts=1677496358&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
adview.htm
rt3019.infolinks.com/action/ 		0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt3019.infolinks.com/action/adview.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&bdc=2&midx=0&emd=MTQ3fjE4MjE&rts=1677496358415&prod_t=c&jsv=1849.013-3.025&capara=%7B%22docHeight%22%3A1200%2C%22width%22%3A1600%2C%22index%22%3A0%7D&sdata=homes&scs=aS2CXqcQDq&rsd=ZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB&rsk=76&rcs=7mi0N8Tk2wFTiNll69cR2A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c904c6302dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
loader.gif
resources.infolinks.com/static/skins/ 		962 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.infolinks.com/static/skins/loader.gif
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
HIT
age
3551
cf-polished
origSize=1631, status=webp_bigger
content-length
962
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Nov 2016 12:31:03 GMT
server
cloudflare
etag
"65f-54142035d0066"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7a007c904c6402dc-MIA
expires
Wed, 29 Mar 2023 10:13:27 GMT
loader-bg.png
resources.infolinks.com/static/skins/ 		902 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.infolinks.com/static/skins/loader-bg.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
HIT
age
5142
cf-polished
origFmt=png, origSize=1488
content-disposition
inline; filename="loader-bg.webp"
content-length
902
cf-bgj
imgq:85,h2pri
last-modified
Mon, 14 Nov 2016 12:31:03 GMT
server
cloudflare
etag
"5d0-541420359b4a6"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7a007c904c6502dc-MIA
expires
Wed, 29 Mar 2023 09:46:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5E51 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ec2a1a9f6170536cd113af787259b36aa15df7dcde243207ef0776d7842425f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49339
x-xss-protection
0
server
cafe
etag
12569284178030457343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 11:12:38 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
adview.htm
rt3019.infolinks.com/action/ 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt3019.infolinks.com/action/adview.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&bdc=1&midx=1&emd=OTc5fm51bGxfMTI0Njg2OTZ-NTg2Mjk2NQ&rts=1677496358467&prod_t=d&jsv=1849.013-3.025&skin=sidebar&theme=def&sdata=homes&scs=aS2CXqcQDq&rsd=ZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB&rsk=76&rcs=7mi0N8Tk2wFTiNll69cR2A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c911cfa02dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
adEvent.do
prod-m-node-1213.ssp.yahoo.com/admax/ 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-1213.ssp.yahoo.com/admax/adEvent.do?tidi=770949141&dcn=8a969c9e01777792d6e5a677d55001c6&posi=1464404&grp=???&nl=1677496357932&rts=1677496357876&pix=0&et=1&a=4beacbef-7e1c-4999-8cec-9ceccc6fcd82%7E979%7E1&m=aXAtMTAtMjItNDUtMjI0&p=MC4wMDAyOTIxODE&b=MTMyMjI7T0FUSDEwMDM2NTAwMDt0YXhhY3QuY29tOzs7OzJhOTUwMjEwM2Q0NjQ0MTg5NzljN2U2ZjFkNGNiYjhlOzMxNjU0NDU4OzE2Nzc0OTQxMjI7OzAuMDAwMjA0NTI3OzswOzs1ODYyOTY1O2Y0NWNhNjA4MDk1OGViZjI4YTk5MDI1MWFmODk1NWQ4NjhhYzM1YjQ7MTsxOw..&uid=y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A&xdi=Pz8_fEdvb2dsZXwxMHwxN3xEZXNrdG9w&xoi=MHxVU0E.&hb=true&type=2&hbp=84&bkts=NDQjMTg0&af=2&dety=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.91.27 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-91-27.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
last-modified
Fri, 24 Feb 2023 18:23:56 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cf...
pn.ybp.yahoo.com/ab/secure/true/imp/hdbXVv8zaUfeFNfXnYvez_F3xPIQjBLIaXLiccDBSRIZoWoHsv1m65e_Vc474ozYOlAba6dN1DXhfXHqCJ7u_eZqLS-pSqiBF3YT6mt5JZyXeP4bGtfmXLYscI40THXbCsLH5yrcQ--JqKSxPPKP2uZNeAR6po2YT... Frame 3536 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/hdbXVv8zaUfeFNfXnYvez_F3xPIQjBLIaXLiccDBSRIZoWoHsv1m65e_Vc474ozYOlAba6dN1DXhfXHqCJ7u_eZqLS-pSqiBF3YT6mt5JZyXeP4bGtfmXLYscI40THXbCsLH5yrcQ--JqKSxPPKP2uZNeAR6po2YTKfORiiHxnD6A9gfAc7KLj4PqLLAcVDiJN8i-h3GTx_DyWeWVUu97vTkY4w726Ny1HmcnJXli0apN50GkhrxrU540PWfcTNAb8V_K_7ygUV1SKUX8Bj_RIL8-vn4C4eRkpKR8kNUQWcKNZqAKj7EJIBUalp-QI7wgt5kWk1tISh5_GbIhjrZrKR0yWDAanSfodQ51gw28WBsI2Fb8z-FouQcFsbJd-GBwU-qNxM_y1Sq_JM1OGt174IG12VAgIe0WnerUTLSe-TKwlM5hoVE5Dq89cKhyk9j63Wjeic-ccB-wR3PzcOPrFn0r5eyvVkNhRdUzHi23eIM1ONDTlms5lMAU2eUyxAGzfrheFPHcTA5RgTJ_AspanBFuPMjMwCfUKbvVCWM5ASXTDcHEf0GH0lqBwO5vld8Cdr-mJADTb2lbG4boBZ4RqVN4cqN3jykduFt65bi3KKHHozSl74sSLnaMykC_HKGjYAuzQNj19Xg8VheF8ZwxeC8pTf06uuoLxtpyKI9ncvQsYT_C1LY67lOb0hM5rjbGosMdTomByzmWxLdn65UV5WXSdbdxeofz6-wLwA1ju9soH1hrGClf8Pe4B3HyU6WOD7vLMxlN0DP6T_8qNsGvGbO3C_w4sxB47qp37-U7p3iL5STYy6SognIu_vHTX1MBdg7hytmuiKjo0_dsnX07_IAvu9u7lyfSltRQ492Vz9pxUBorYqGu4MRgL7xebRphd9TCuPZpnOxPrmr6w097jxJquSfTb0_c40fZef8Tdj0UGuZelK9kLdI6rtyuu86MDPLMIH6RV3FqgpC3jV0ho3FbRANGAVVckiB3PiYT0-I8Vex2-xTu5xVd36YDiClt4tv8hBV-zjQ8W-QaT9UTab8_hR6g9pInsTWBx4rkez7cvbnt3NuSBZ0aMcY1_HQFOynm2mZI1jxTktuOY908hsHGQSky7MTYZz77qwMWuInSrBBguBeP4Zpj6bHm2cbHti-hCg1ND4F1Z62Hhj0dG5NsfXMWqLdAV6-kkwKdGHHE2BiINB2ttZByZmWz8W5JBTSJdCrz0VQoMDViOJZERnTkybEOv5PQMbX6Dm-nUtxGPs6ur3BhKKzp34zF_4kTBh96VBKnZ_DD9-zF1efZzGGzMGOsDdqfW7qaY8hggoCXoLHQvVR7TjfrHPlI3Y6I5sskjNZpDFC2MspupyvhNpjkWoQNoM5gw5Op7zdK11S7pS0TsqklS1t1OKAmPyXjvOfbZQxf2bFqfDYanJM2_IOFOqmq9A3iU9_OP3v4ym06IH92hUn8cXMW3gJp86TCA88kQ7LUjUAnW7fjsBxi1auN5AaY72KUHiswvBgIUOLh0JEZfUCFk8PEAAD2lkkNteWfFy5Wznty-ppDf_D5P-0nmglkP9rdauQvW9NJ1C3-I5EUDLehjgXADkPp719dnOo4GpJqyxSbAnFd6VbRtUSHVngMA7wL3gEKSdUQ337-Kq8SqzKVfDte2Q5_JNhp607C8ss45Q3fJ3H4l6-Og/wp/0.292181/tr/null/pa/null/pclick/https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3D
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4998:124:1407::d000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
21e0a0270ab26a8e101db6854997c80c58acc882ae46216732c247dd2ffb7761
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
3694
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 3536 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58292,55986,55964,55939,56554,58301&referrer=cubdomain.com&limit=12&us_privacy=null&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d6f40a6f78af38a98a64ac5f86f8c5e584960ebcbca8e7d26cd1af85fd61fbda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 3536 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 10:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JVMRQTF1ZBCZRQ7B
age
3151
x-amz-server-side-encryption
AES256
x-amz-id-2
3SXCtOVEFJPBqAfKDW79noIc2orTmKegrjuje2rj8sjBWJkQsJbV2Vdyh4b/N2vsBVv/D0JZkoc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 3536 		69 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 10:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
GBM1V4DXQBZ0HY4A
age
4015
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
5ejBezu1bYbh8UYHPb1+Mff8TZIQ+5bW+cdZn/nuZOUo0h7zNJHn15dBf9CVxASzqTezqbOjmyM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
infolinks_feel_better.mp4
resources.infolinks.com/static/vid-content/ 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame C8C0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2N4SRQJV2W6VFX79AYC1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C8C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wZfNeMt7z0TFNlf-cmR6VA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3lOcMVBE2oIhQR._TLgzcFxA_BfZtTOpzRcifQ--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3lOcMVBE2oIhQR._TLgzcFxA_BfZtTOpzRcifQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 27 Feb 2023 11:12:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3lOcMVBE2oIhQR._TLgzcFxA_BfZtTOpzRcifQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame C8C0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-ppvziUuQZuaZmaa2jE-CQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ppvziUuQZuaZmaa2jE-CQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ppvziUuQZuaZmaa2jE-CQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FVCC3E7MY0EWRWY76953
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ppvziUuQZuaZmaa2jE-CQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C8C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame C8C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNUTBRMTItRy00UEdI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNUTBRMTItRy00UEdI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVNUTBRMTItRy00UEdI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C8C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyZTA2NjM3ZmVjZTBjNzk2MzhlZWI0NWJkNmYyOTZlNjJjMjNhYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyZTA2NjM3ZmVjZTBjNzk2MzhlZWI0NWJkNmYyOTZlNjJjMjNhYQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyZTA2NjM3ZmVjZTBjNzk2MzhlZWI0NWJkNmYyOTZlNjJjMjNhYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C8C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFCfVW2Uu951zF7SemXxxMk&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFCfVW2Uu951zF7SemXxxMk&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFCfVW2Uu951zF7SemXxxMk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame C8C0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEMQ0Q12-G-4PGH
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEMQ0Q12-G-4PGH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7D0F69FE486543A99530F9C3DD475756 Ref B: MIAEDGE2318 Ref C: 2023-02-27T11:12:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1rI6YhJ0TO6/j8VBMlg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEMQ0Q12-G-4PGH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
vtt.min.js
vjs.zencdn.net/vttjs/0.14.1/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.14.1/vtt.min.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/vidice/2.0/vidice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
cache-pdk17827-PDK
date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 19:42:19 GMT
etag
"52c6ba3260a51c570977f84d2bd7bf55"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7089
x-cache-hits
22664
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd7349aae312bc35faad727443a7f8203fc98603c8ee34acf5847bfe974e5252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52032
x-xss-protection
0
server
cafe
etag
6216717472470171456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 11:12:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44778204&url=https%3A%2F%2Fcubdomain.com%2F&pvc=1813829335459140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
infolinks_feel_better.mp4
resources.infolinks.com/static/vid-content/ 		123 KB
123 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/vid-content/infolinks_feel_better.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c877407826f69e8ce67c34e5d32f39660263412adade653ac0ab1214484517d

Request headers

Referer
https://cubdomain.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 13 Sep 2020 07:30:02 GMT
server
cloudflare
age
11513
etag
"1ec1a-5af2ce2cf9b6b"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-125977/125978
cache-control
max-age=2592000
cf-ray
7a007c918d4102dc-MIA
Content-Length
125978
expires
Wed, 29 Mar 2023 08:00:45 GMT
bridge3.557.0_en.html
imasdk.googleapis.com/js/core/ Frame 98F2 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
25897
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227119
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 04:01:01 GMT
expires
Tue, 27 Feb 2024 04:01:01 GMT
last-modified
Tue, 21 Feb 2023 14:27:34 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Feb 2023 11:12:38 GMT
css
fonts.googleapis.com/ Frame F7FD 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:07:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 11:12:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame F7FD 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
68166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame F7FD 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9122
x-xss-protection
0
server
cafe
etag
6330344511044705610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame F7FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
68166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame F7FD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7FD 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677104061356577"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:38 GMT
ed8ae2896763956dad3710d8730c1299.js
www.gstatic.com/mysidia/ Frame F7FD 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14007
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 03:30:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 24 May 2023 16:09:10 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ Frame 5E51 		365 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d406c2499361ef01cef5ec8080cc790dc40b652a6d5c7bf8394ed4d181c27300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122918
x-xss-protection
0
server
cafe
etag
1910215726132071384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 11:12:38 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F7FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwS2BJZD8Y5zZG8uwhQbMhr_wBL2enMNu55uQpOIQsJAfEAEg9sLHImDJhoCA3KPEEKAByLGpzQPIAQmoAwHIA8sEqgS8AU_QkIDG14qRZYWU-XVPhdw1Gi8EeN8pIQa6I0JcVOmCKtwolyA5vCz9SfKlY3jHOd5Nxw0VAiCzwtJuoK99LSbPEO9_Df5MNPTtc9cdnZKznXQNfb8MfMSWmt_4d3AbS5WiEJGenODbwBLnP49k5IqYdt7vBIylVU9hhyVPmfZKXWXsbEAFsoN5fzyZ6fy0y_4kwMz5c4tM3dLuan2MtWQr8ANL_r9EkXsWiEd8RgSKuxQiWQ004FS81flNwASV67uV4QOSBQQIBBgBkgUECAUYBKAGLoAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM3QdNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi0xODg3MjUyMDg2NDQyMTAxGAA&sigh=2aNIQeY-n-E&uach_m=[UACH]&cid=CAQSGwDUE5ymZnPup4DB6NPUCedJ35fEsT0JT20LPxgB&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 27 Feb 2023 11:12:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/4510879845331638827/ Frame F7FD 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4510879845331638827/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4113df6a4b5fe797e44b461909177ba92ddaa8dff65d498e41e9b4ae1901465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 10:35:20 GMT
x-content-type-options
nosniff
age
2238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29925
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 08:08:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:35:20 GMT
truncated
/ Frame F7FD 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F7FD 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cubdomain.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame C0A9 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Feb 2023 16:16:33 GMT
etag
10353107486223812946
expires
Sun, 12 Mar 2023 16:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 30DA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Feb 2023 16:16:33 GMT
etag
10353107486223812946
expires
Sun, 12 Mar 2023 16:16:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F7FD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbf3c9f12e3bbaa1284086ff1fdd9de54a01c11e5276059d5f56c6233cc7b5a2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
dcmads.js
www.googletagservices.com/dcm/ Frame 3536 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/hdbXVv8zaUfeFNfXnYvez_F3xPIQjBLIaXLiccDBSRIZoWoHsv1m65e_Vc474ozYOlAba6dN1DXhfXHqCJ7u_eZqLS-pSqiBF3YT6mt5JZyXeP4bGtfmXLYscI40THXbCsLH5yrcQ--JqKSxPPKP2uZNeAR6po2YTKfORiiHxnD6A9gfAc7KLj4PqLLAcVDiJN8i-h3GTx_DyWeWVUu97vTkY4w726Ny1HmcnJXli0apN50GkhrxrU540PWfcTNAb8V_K_7ygUV1SKUX8Bj_RIL8-vn4C4eRkpKR8kNUQWcKNZqAKj7EJIBUalp-QI7wgt5kWk1tISh5_GbIhjrZrKR0yWDAanSfodQ51gw28WBsI2Fb8z-FouQcFsbJd-GBwU-qNxM_y1Sq_JM1OGt174IG12VAgIe0WnerUTLSe-TKwlM5hoVE5Dq89cKhyk9j63Wjeic-ccB-wR3PzcOPrFn0r5eyvVkNhRdUzHi23eIM1ONDTlms5lMAU2eUyxAGzfrheFPHcTA5RgTJ_AspanBFuPMjMwCfUKbvVCWM5ASXTDcHEf0GH0lqBwO5vld8Cdr-mJADTb2lbG4boBZ4RqVN4cqN3jykduFt65bi3KKHHozSl74sSLnaMykC_HKGjYAuzQNj19Xg8VheF8ZwxeC8pTf06uuoLxtpyKI9ncvQsYT_C1LY67lOb0hM5rjbGosMdTomByzmWxLdn65UV5WXSdbdxeofz6-wLwA1ju9soH1hrGClf8Pe4B3HyU6WOD7vLMxlN0DP6T_8qNsGvGbO3C_w4sxB47qp37-U7p3iL5STYy6SognIu_vHTX1MBdg7hytmuiKjo0_dsnX07_IAvu9u7lyfSltRQ492Vz9pxUBorYqGu4MRgL7xebRphd9TCuPZpnOxPrmr6w097jxJquSfTb0_c40fZef8Tdj0UGuZelK9kLdI6rtyuu86MDPLMIH6RV3FqgpC3jV0ho3FbRANGAVVckiB3PiYT0-I8Vex2-xTu5xVd36YDiClt4tv8hBV-zjQ8W-QaT9UTab8_hR6g9pInsTWBx4rkez7cvbnt3NuSBZ0aMcY1_HQFOynm2mZI1jxTktuOY908hsHGQSky7MTYZz77qwMWuInSrBBguBeP4Zpj6bHm2cbHti-hCg1ND4F1Z62Hhj0dG5NsfXMWqLdAV6-kkwKdGHHE2BiINB2ttZByZmWz8W5JBTSJdCrz0VQoMDViOJZERnTkybEOv5PQMbX6Dm-nUtxGPs6ur3BhKKzp34zF_4kTBh96VBKnZ_DD9-zF1efZzGGzMGOsDdqfW7qaY8hggoCXoLHQvVR7TjfrHPlI3Y6I5sskjNZpDFC2MspupyvhNpjkWoQNoM5gw5Op7zdK11S7pS0TsqklS1t1OKAmPyXjvOfbZQxf2bFqfDYanJM2_IOFOqmq9A3iU9_OP3v4ym06IH92hUn8cXMW3gJp86TCA88kQ7LUjUAnW7fjsBxi1auN5AaY72KUHiswvBgIUOLh0JEZfUCFk8PEAAD2lkkNteWfFy5Wznty-ppDf_D5P-0nmglkP9rdauQvW9NJ1C3-I5EUDLehjgXADkPp719dnOo4GpJqyxSbAnFd6VbRtUSHVngMA7wL3gEKSdUQ337-Kq8SqzKVfDte2Q5_JNhp607C8ss45Q3fJ3H4l6-Og/wp/0.292181/tr/null/pa/null/pclick/https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 10:26:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:26:16 GMT
inside-5.js
cdn.js7k.com/rq/iv/ Frame 3536 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside-5.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/hdbXVv8zaUfeFNfXnYvez_F3xPIQjBLIaXLiccDBSRIZoWoHsv1m65e_Vc474ozYOlAba6dN1DXhfXHqCJ7u_eZqLS-pSqiBF3YT6mt5JZyXeP4bGtfmXLYscI40THXbCsLH5yrcQ--JqKSxPPKP2uZNeAR6po2YTKfORiiHxnD6A9gfAc7KLj4PqLLAcVDiJN8i-h3GTx_DyWeWVUu97vTkY4w726Ny1HmcnJXli0apN50GkhrxrU540PWfcTNAb8V_K_7ygUV1SKUX8Bj_RIL8-vn4C4eRkpKR8kNUQWcKNZqAKj7EJIBUalp-QI7wgt5kWk1tISh5_GbIhjrZrKR0yWDAanSfodQ51gw28WBsI2Fb8z-FouQcFsbJd-GBwU-qNxM_y1Sq_JM1OGt174IG12VAgIe0WnerUTLSe-TKwlM5hoVE5Dq89cKhyk9j63Wjeic-ccB-wR3PzcOPrFn0r5eyvVkNhRdUzHi23eIM1ONDTlms5lMAU2eUyxAGzfrheFPHcTA5RgTJ_AspanBFuPMjMwCfUKbvVCWM5ASXTDcHEf0GH0lqBwO5vld8Cdr-mJADTb2lbG4boBZ4RqVN4cqN3jykduFt65bi3KKHHozSl74sSLnaMykC_HKGjYAuzQNj19Xg8VheF8ZwxeC8pTf06uuoLxtpyKI9ncvQsYT_C1LY67lOb0hM5rjbGosMdTomByzmWxLdn65UV5WXSdbdxeofz6-wLwA1ju9soH1hrGClf8Pe4B3HyU6WOD7vLMxlN0DP6T_8qNsGvGbO3C_w4sxB47qp37-U7p3iL5STYy6SognIu_vHTX1MBdg7hytmuiKjo0_dsnX07_IAvu9u7lyfSltRQ492Vz9pxUBorYqGu4MRgL7xebRphd9TCuPZpnOxPrmr6w097jxJquSfTb0_c40fZef8Tdj0UGuZelK9kLdI6rtyuu86MDPLMIH6RV3FqgpC3jV0ho3FbRANGAVVckiB3PiYT0-I8Vex2-xTu5xVd36YDiClt4tv8hBV-zjQ8W-QaT9UTab8_hR6g9pInsTWBx4rkez7cvbnt3NuSBZ0aMcY1_HQFOynm2mZI1jxTktuOY908hsHGQSky7MTYZz77qwMWuInSrBBguBeP4Zpj6bHm2cbHti-hCg1ND4F1Z62Hhj0dG5NsfXMWqLdAV6-kkwKdGHHE2BiINB2ttZByZmWz8W5JBTSJdCrz0VQoMDViOJZERnTkybEOv5PQMbX6Dm-nUtxGPs6ur3BhKKzp34zF_4kTBh96VBKnZ_DD9-zF1efZzGGzMGOsDdqfW7qaY8hggoCXoLHQvVR7TjfrHPlI3Y6I5sskjNZpDFC2MspupyvhNpjkWoQNoM5gw5Op7zdK11S7pS0TsqklS1t1OKAmPyXjvOfbZQxf2bFqfDYanJM2_IOFOqmq9A3iU9_OP3v4ym06IH92hUn8cXMW3gJp86TCA88kQ7LUjUAnW7fjsBxi1auN5AaY72KUHiswvBgIUOLh0JEZfUCFk8PEAAD2lkkNteWfFy5Wznty-ppDf_D5P-0nmglkP9rdauQvW9NJ1C3-I5EUDLehjgXADkPp719dnOo4GpJqyxSbAnFd6VbRtUSHVngMA7wL3gEKSdUQ337-Kq8SqzKVfDte2Q5_JNhp607C8ss45Q3fJ3H4l6-Og/wp/0.292181/tr/null/pa/null/pclick/https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
94dbc2b8c346e21c33acc3282ad347f68547a5c36db412853677a264389e63e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
KHBPPP81ZX3YFC78
age
11998
x-amz-server-side-encryption
AES256
content-length
14351
x-amz-id-2
rYs+3QKxdSZRVQMhSuuTgscVbiIQdLaIuCwyYah5o8eDzVHLSSTLGLGNNusoyGMiWp6BBZgNhtg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"ebd5ce30dface9cc8115a8aae27d3a5b-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 3536 		565 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 10:53:27 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
DEYYF61SZC7Z8BWN
age
1153
x-amz-server-side-encryption
AES256
content-length
565
x-amz-id-2
9VuWusLUJ1g0GA2NZ8GBBQQ35iXpm+dsRvyJxqi1lhpak3rSN515ueC/HRuH3V4LDv/Eph80qBM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
cache-control
max-age=15552000, public
accept-ranges
bytes
css2
fonts.googleapis.com/ Frame C0A9 		4 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:31:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 11:12:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0A9 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 22:11:00 GMT
x-content-type-options
nosniff
age
46899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 26 Feb 2024 22:11:00 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C0A9 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 23:34:23 GMT
x-content-type-options
nosniff
age
301096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 23 Feb 2024 23:34:23 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/ Frame C0A9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
68166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8556
x-xss-protection
0
server
cafe
etag
12004167960083760723
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 30DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgVRTJZD8Y4-LGuqKrr4PhPqE2ATT2dvtbs-G2Y_RC_-V0KHhFhABIPbCxyJgyYaAgNyjxBCgAY6TlM4DyAECqAMByAPJBKoEvAFP0Jg93FNjMV0PemScLSONY5BPbOhKSgGwbDqf5xejZrtGSCCzDrhgs3bXnk6h9zYmLc0jXJEJkN3yMV0fYt1B-hP2Ip6RnAGzpbopv6AQ7uvHdQs8VQMDSds-DAJmiotMuXcbwLClaL_AQLwNdnIIy7G_JgNFiQNm6YoRRUd099CCdbEPilPZHmIY1Y6ViUwAK-0CJLW-BbD77MsjQgfjPqkYCodeREmx2z28cJ8cHyXqyRGDtBL1Tsg_MsAE6ICSss0BkgUECAQYAZIFBAgFGASgBgKAB9rs6zGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCH9iXSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTg4NzI1MjA4NjQ0MjEwMRgA&sigh=Qx5TU1moRgE&uach_m=[UACH]&cid=CAQSGwDUE5ymTYaaBp6qE-l8WPNsmt9EzWmHVC7SqRgB
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 27 Feb 2023 11:12:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 30DA 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9122
x-xss-protection
0
server
cafe
etag
6330344511044705610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
6039879660543135347
tpc.googlesyndication.com/simgad/ Frame 30DA 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6039879660543135347?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qn4E4yXNee1XTHt-v5pcBQAge7j3Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e73f40619326967e092705365f3fa80dc873c49c44383ad8d1bb63ad576dbf19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34175
x-xss-protection
0
last-modified
Fri, 07 Feb 2020 06:46:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 11:12:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 30DA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
68167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 30DA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30DA 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677104061356577"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:39 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 30DA 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54ec5d49fd3dbb498c6f9fb4746bb071d87b86ae802c77b238b3eace00999e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 17:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
61978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13744
x-xss-protection
0
server
cafe
etag
5530353353552386020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 17:59:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=1813829335459140&bg=!QkGlQRXNAAZYlHKzeJQ7ADkAdvg8Wkwwg3EDDRyqgEDNGwFo_Jf70pwm-_yLHjeqPoAq2OwnKfkS4DvXD7hYNhJ0u4XOGQw6-NgCAAAAgFIAAAAEaAEHCgCurbtTVDUGHz8nqi4gVCBJdzEULYXZ4kIgGOyoCDWfUpCWtDq0Sgv8oXYwUvPW6DbjSahKoVBaq6L6bPWZwJd4HowWhwK4Sr9BkeRoX0FbvDsqss-TnQ8Th4iIQm2Kqzi-ujpy_Phg8DPwW2L3pG13Mk3hCyf88BFsnNKIOpKa80dtXtguh0-nj3hSgT_NJsyK1TidPMymM2fbeY8E6ul5QiRHXaJLvrTV9jb1hCdumQKap-mc1slnvCMHZy4Vkdi5o68wlWHGcETdcoESkibYukPVOFYbC8mpmGlSMmLQEUBD7RQ8itVwWcqduTG4k84sDhu3RnJzhHqCvRe633C1qouxRpY-WZRVSZgZ09RvYF0SzkyMyelBkOM5-F-jtyf3VmoEyQtlNbPWaky2IbUa5IhPcPYnmGY2o3aKVFKfMmRSM9jhE5kdOzjd_butitsDQ5evNRWB1EDYQmlB6YgrfQyg5QjveLwxM9u9Dzc1O8aklA1YPQruHy9hcimTHDk1TqVkdrlqoldIEzbkyai0j_0_3fC1i91d5EvG_7xFweJFpg-JM0Rh6vUBg5yxFBTRz2hBpSU4uS8jaFnrbN7CjYrU8BRY2Vdi-7p7TX1SpAhtVjCrNhgEHMHdqwXuQ1Y1EFiPOQrt5eNoCF2kN4MjISevtkDrT8qn-Mn_51Jmp7XM2Gf_t8NqfB50cSrCcEC2DbX89f5jUT9U9M8zbVqZtCr9Xlf60Y-GmztqsVV3i27tBhlYRaviFAeKLNRUYfl5E0WeS_QntTI-yKHnFG-rn8IVefhmYKjSH0ZihH1umDxv3oYmay_WA5-SeBmb9ugNm-jnvB-IYrmiMWJogFCtIeitegdbmbMGf_UvePvyPVG2A3Y-q7krCgAqLbm-i14FVATGqfHPwuELdQ9n2PNLL_cKNvhVDw8HX9O8fuFoEvOAKjvWFHpfS9IgdjswtzeB_H2gHx4_N9Iw9UhEA6s6vG2K3eoivT6S6CrFtnn_WTshwFib3XBfxPCL_uDwtaz5jhB22T0yK3fkx7dS7jzjxtM6K3l5A-Xe73jRYDCG7eqjOeVermuqtx26LTsZqT2AZ_xoeE1Kg7gYRfe_hXWjyywTeEr6313vO3m2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
integrator.js
adservice.google.com/adsid/ Frame 5E51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A53E 		35 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba6f2500c10df5ef58130163b914ccdc6432e05e4fc09523e273a796a75c5aab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15603
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
impl_v95.js
www.googletagservices.com/dcm/ Frame 3536 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 17:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Feb 2024 17:26:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7FD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230223&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F7FD 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:42:56 GMT
x-content-type-options
nosniff
age
365383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 05:42:56 GMT
css
fonts.googleapis.com/ Frame 05B7 		4 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:49:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Feb 2023 11:12:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 05B7 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
68167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 05B7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9122
x-xss-protection
0
server
cafe
etag
6330344511044705610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 05B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
68167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 05B7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05B7 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677104061356577"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:39 GMT
ed8ae2896763956dad3710d8730c1299.js
www.gstatic.com/mysidia/ Frame 05B7 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14007
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 03:30:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 24 May 2023 16:09:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D130 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 10:18:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001...
ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/ Frame CA59 		54 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
cafe /
Resource Hash
1c9d3caa3957f429c885951d1ddc50f270e93802b6f77b6e1cae9cb029e5e80b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
26838
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
07070837-B4A5-4DBC-9184-35B09260FCDB&gdpr=0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3536
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-C23KsfxE2uUEintKxC5wWNrrqlgbpyo-~A%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENU0Ui_GMfE_A761sz0EL6k&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2F36A4DC47814133B9133D3750DF1F20
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=&uid=07070837-B4A5-4DBC-9184-35B09260FCDB&redir2=true
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/07070837-B4A5-4DBC-9184-35B09260FCDB&gdpr=0
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/07070837-B4A5-4DBC-9184-35B09260FCDB&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2600:1f18:4e9:5a01:b6b9:22a8:c0af:3d60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/07070837-B4A5-4DBC-9184-35B09260FCDB&gdpr=0
date
Mon, 27 Feb 2023 11:12:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55986/ Frame 3536
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_conse...
  • https://sync-tm.everesttech.net/ct/upi/pid/eknnbrON?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0%26gdpr%3D0%26gdpr_co...
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=Y-yQJwAAATRbfgAF&_origin=0&gdpr=0&gdpr_consent=&_test=Y-yQJwAAATRbfgAF
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=Y-yQJwAAATRbfgAF&_origin=0&gdpr=0&gdpr_consent=&_test=Y-yQJwAAATRbfgAF
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

x-served-by
cache-fty21339-FTY
pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677496360.533839,VS0,VE0
x-cache
HIT
location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=Y-yQJwAAATRbfgAF&_origin=0&gdpr=0&gdpr_consent=&_test=Y-yQJwAAATRbfgAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55964/ Frame 3536
Redirect Chain
  • https://um.simpli.fi/yahoo?_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=2F36A4DC47814133B9133D3750DF1F20&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=2F36A4DC47814133B9133D3750DF1F20&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=2F36A4DC47814133B9133D3750DF1F20&_origin=0&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 26 Feb 2023 11:12:39 GMT
sync
ups.analytics.yahoo.com/ups/55939/ Frame 3536
Redirect Chain
  • https://ad.turn.com/r/cs?pid=18&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=2904119884902318991&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55939/sync?uid=2904119884902318991&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55939/sync?uid=2904119884902318991&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ping_match.gif
pm.w55c.net/ Frame 3536
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
44.193.124.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-124-55.compute-1.amazonaws.com
Software
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-023d355a21cef6104@us-east-1e@dxedge-app-us-east-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-023d355a21cef6104@us-east-1e@dxedge-app-us-east-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-0f1dce2c5f386191e@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://pm.w55c.net/ping_match.gif?scc=1&st=ONEMOBILE&gdpr=0&cs=&rurl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F56554%2Fsync%3Fuid%3D_wfivefivec_%26_origin%3D0&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 3536
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=73
  • https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_cons...
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
185159
expires
Mon, 27 Feb 2023 00:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date
Mon, 27 Feb 2023 11:12:38 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
content-length
0
usync
onevideosync.uplynk.com/ Frame 3536 		0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-AMNfBrlE2uGlGBmpsYOk4aFkkBz9MmXQ~A&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.247.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-247-121.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
server
ribs2.0
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame 3536 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1xYkJnVlFsRTJ1R1VzUGZsVFluc3hMUklpbkl5bmhMOH5B&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y-_dy1_K5E2uIlED_hAFKaaLytFAMjE7Y-~A
pr-bh.ybp.yahoo.com/sync/adtech/ Frame 3536
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true
  • https://pr-bh.ybp.yahoo.com/sync/adtech/y-_dy1_K5E2uIlED_hAFKaaLytFAMjE7Y-~A
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adtech/y-_dy1_K5E2uIlED_hAFKaaLytFAMjE7Y-~A
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2600:1f18:4e9:5a01:b6b9:22a8:c0af:3d60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/adtech/y-_dy1_K5E2uIlED_hAFKaaLytFAMjE7Y-~A
date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
37DE24F61C8E6E260F8636331D306FB2
pr-bh.ybp.yahoo.com/sync/msn/ Frame 3536
Redirect Chain
  • https://c.bing.com/c.gif?Red3=OATHMS_pd
  • https://pr-bh.ybp.yahoo.com/sync/msn/37DE24F61C8E6E260F8636331D306FB2
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msn/37DE24F61C8E6E260F8636331D306FB2
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
2600:1f18:4e9:5a01:b6b9:22a8:c0af:3d60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A0B913448D3746C1B9277B9C9B685A45 Ref B: MIAEDGE1712 Ref C: 2023-02-27T11:12:39Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://pr-bh.ybp.yahoo.com/sync/msn/37DE24F61C8E6E260F8636331D306FB2
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 3536
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
setuid
ib.adnxs.com/prebid/ Frame 3536
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-PyLcHodE2uFwVVTvd.tDTLGVZ5iDjw--~A&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-PyLcHodE2uFwVVTvd.tDTLGVZ5iDjw--~A&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:39 GMT
AN-X-Request-Uuid
90cbef0b-2659-4c5c-b9e9-dcb2f050728a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.73; 38.132.118.73; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-PyLcHodE2uFwVVTvd.tDTLGVZ5iDjw--~A&gdpr=0
date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
s
googleads.g.doubleclick.net/pagead/drt/ Frame 58A6 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 10:18:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D130
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:39 GMT
expires
Mon, 27 Feb 2023 11:12:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 03CC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
406372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
nmedianet.js
contextual.media.net/ Frame A53E 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU2F14C6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
453ff51e85f2424386b5678071561a4ec69a2aaf84bb5078f95217af4b8db8de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-mnt-h
21-7zm4
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 27 Feb 2023 11:12:39 GMT
server
Apache
etag
"c0f3dff65c5dabbcc8c5e1c41994eb10"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-3hlg
timing-allow-origin
*
expires
Mon, 27 Feb 2023 11:17:39 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame A53E 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Mon, 27 Feb 2023 11:12:39 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=17009
access-control-allow-credentials
true
content-length
62892
expires
Mon, 27 Feb 2023 15:56:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame A53E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
68167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame A53E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 16:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
68168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 16:16:31 GMT
l
www.google.com/ads/measurement/ Frame A53E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcjSrc6Pg5dKeB5wV53GylLtkXXAGcmICzkPpGupg8A2AOgMUz7uNqYhEC6n7JoLS3U6-HYXnx-eZD3G_Q7Y3aupXpSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A53E 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677104061356577"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:39 GMT
stick
www.ebay.com/gum/v1/ Frame F5E5 		44 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/intag_incontent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
bfaa39ed033e1ffc75d6836a262e185c70c7b0a0154448a0e38aca11f0db7471
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' *.ebay.com *.ebayimg.com *.ebaystatic.com;frame-ancestors https://cubdomain.com
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://cubdomain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' *.ebay.com *.ebayimg.com *.ebaystatic.com;frame-ancestors https://cubdomain.com
content-type
text/html
date
Mon, 27 Feb 2023 11:12:40 GMT
rlogid
t6dpk%3D9whhdpk*6rjss%28rbpv67%3A1-18692931b7d-0x2330
server
ebay-proxy-server
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-edgeconnect-midmile-rtt
1
x-edgeconnect-origin-mex-latency
987
x-envoy-upstream-service-time
984
adview.htm
rt3019.infolinks.com/action/ 		0
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt3019.infolinks.com/action/adview.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&bdc=3&midx=0&emd=NDg4fjE5MTM&rts=1677496359488&prod_t=a&jsv=1849.013-3.025&sdata=month&scs=MEqj_DrGDX&rsd=ZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB&rsk=76&rcs=7mi0N8Tk2wFTiNll69cR2A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007c96e9de02dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A53E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIYjJJ5D8Y9OmB8DUxtYPnMeauA-Oz5iWbLHDo4rbC8CNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTYzNzMzMTU5ODA3NDEyNTXIAQmoAwGqBLQBT9CnyiJdxghwseGxpNPM7b3tzJztQPec3ebsLAtinvxtVDo_50U7ZeTjTccv4BGE7o9oe5Aj9sJeOdUAOg1t1w6yzay6tYuno8x6seBQbvnBDKBicY8S_HaJtWpp5zs0y0-DuCVsxgkBGV9Gv57VMC2qZXw16ewRxjiy4zZ2oB5zqvP-Z4ls6_TgEdSbaUHnk6AZfp5Nf5Frd4EFuP9es8140z18Hc17-wfgzYTDVW-_lscNgAaG1be3q_22pPgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM3MzMxNTk4MDc0MTI1NRj91Cc&sigh=1hYUm_gImy8&uach_m=[UACH]&cid=CAQSKQDUE5ymTVb6o6zMN2EHFsVOFqqsC-ERuGRhz8DIR5OiQSuXnsoACwz1GAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 27 Feb 2023 11:12:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame A53E 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=9db63445eda0429a89e89b005ad3196a&bidrestime=1677496359226&cbdp=0.042&ogbdp=0.08&prvReqId=2553496081198_540940741_17484912413191&pvid=319&scrid=1700080812610100728009000000500&size=728x90&slotVisibility=2&viewability=22&app=0&cc=US&cid=8CURC8I25&csip=rtb-appnexus-745f5fc68-fx745.SC&device_id=4&dn=cubdomain.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fcubdomain.com&dtc=east_sc&zone=d&commit_id=9ad974a0&ugd=4&sc_pvid=294&ctr=-1.0&rme=nurl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 27 Feb 2023 11:12:39 GMT
log
qsearch-a.akamaihd.net/ Frame A53E 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=&other_prv=294%7C319&jar_err=&current_day=1.0&adtyp=0&req_id=m0afNNW3D2uUVmw4jCJrXw&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=54.1082&exp=&deal_id=&fdbk_id=&second_bidder=294&search_res=48&floor_bucket=0.00&gpid_format=&seat=319&rc=-1&size=728x90&ecp_rtime=0&f_seg=&prdp=0.0416&ogcbdp=0.0800&dfpbd=0.0416&server=1&ogerpm_wd_bkt=0-1&model_version=202302261236_generic_adx_2-cid_1&viewability=0.2200&dmm_r=0.2290&cut=48&dmm_l=0.2290&as_cache=1&tcyerpm=&sc=FL&send_erpm=true&dmm_m9=0.0000&sd=1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=cubdomain.com%2F&bidrestime=1677496359226&cc=US&strg=harmony&ss=&current_hour=10&time_stamp=2023-02-27+11%3A12%3A39&model_key=generic_adx_2-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.0800&ct=dover&akey=&mnckfl=0&asn=202&bdp_bucket=0.10&algo=unison12&dc=east_sc&dim5=000&splid=&dim4=exploration&erpm_mult=1.000000&dn=cubdomain.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F110.0.5481.177+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=9db63445eda0429a89e89b005ad3196a&zone=d&infl=&o_ver=NT+10.0&br_ver=110.0.5481.177&bdmm_m6=1.0000&bdmm_m7=0.2970&bdmm_m5=1.0610&ver=9.2.0&totalTimeBucket=2&visibility=2&totalTime=2149341&dmm_m1=2023-02-27+11%3A12%3A39.228197380&e_rpm=0.0640&dmm_m22=0.0000&gdpr=&vsid=&sb_flr=false&log_less=false&gpid_sent=false&ogerpm_used=false&sfm_key=&bdmm_m12=0.3150&cid=8CURC8I25&bcrid=1700080812610100728009000000500&rawbid=0.0800&seat_id=319&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-appnexus-745f5fc68-fx745.SC&dfp_bucket=0.0&adblk=1445061518&itype=adx&pvid_seat=319_319&cliIP=0&advurl=topics.businessfocus.online%2F&level_base=0&crid=174849124&sat=1&br_id=265&cut_bkt=50&gpid=&iwb=1&dmm_d22=0.02&second_bid=0.050000&sc_pvid=319&capd=0&other_bids=0.05%7C0.08
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.44.133.30 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-133-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:39 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 27 Feb 2023 11:12:39 GMT
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame E37A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1887252086442101&output=html&h=280&adk=1213588912&adf=2069133333&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1677496357&rafmt=1&to=qs&pwprc=1302010343&format=1200x280&url=https%3A%2F%2Fcubdomain.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496357071&bpp=2&bdt=840&idt=312&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7342740357682&frm=20&pv=1&ga_vid=1180126012.1677496357&ga_sid=1677496357&ga_hid=1337071579&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31072348%2C44774292%2C31071268&oid=2&pvsid=1813829335459140&tmod=1400963825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sGAMTXv0m7&p=https%3A//cubdomain.com&dtd=318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
406372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 58A6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:39 GMT
expires
Mon, 27 Feb 2023 11:12:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 2CB6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
406372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
12056794173146761470
s0.2mdn.net/simgad/ Frame CA59 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12056794173146761470
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc76673400a898b78026dbb1e2cadd1652416487841d44b354a22ff322639870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:08:30 GMT
x-content-type-options
nosniff
age
486249
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96286
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 19:39:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Feb 2024 20:08:30 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/xfa/ Frame CA59 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5e2feb1c86511dd8ae06b0f37731b3b44bf0c601fefd78d3c88e41756d5ea1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 19:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
55668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3925
x-xss-protection
0
server
cafe
etag
3610070691013062298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 19:44:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/ Frame CA59 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 20:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
53779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Mar 2023 20:16:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA59 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677104061356577"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpT4m3V8w74TFgw4epogfaDk26fg-a_i-DZcYddy_ruyBORjFKDpJh9PL7PxiGKhe7QqsmpnZT86Y1pwDyIl2-aZGCadcSeJr80aJZm70817JKljk3_SCAcZAY4BguclZrRBxhDT--lhzc4NiBYROPoOeGQT5aEYj1rUGmWxCi18zADqVWK9k&sai=AMfl-YTjDO9MO4aOlOgngXC55eEx9QA0rW1uw-QFzIqYFqmGXxVUqO0VBkn4wwhmY8gyr4ePOMV2pp14bQECWGRryIAs4bdYbp_7MOCrDg&sig=Cg0ArKJSzKibNwn9Yf-tEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230222.00944&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 27 Feb 2023 11:12:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA59 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 11:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 11:13:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CA59 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a3f18816535e8b889942eac6653aba5538ae7a9cc98881fa473b0ca4fc3d1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5639
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6972 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
268768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 08:33:11 GMT
expires
Sat, 24 Feb 2024 08:33:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
SAFEFRAME.js
contextual.media.net/sr/2722522032/ Frame A53E 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.js?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU2F14C6&cpcd=HMB3LfM9xQgrFODbYmgwbg%3D%3D&crid=719842512&size=728x90&cc=US&sc=FL&chnm=HARMONY&pid=8POV72K7L&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fcubdomain.com&nse=5&vi=1677496359849975951&lw=1&ugd=4&adt1=8CURC8I25&adt2=174849124&itid=17&bae=B4xxNa4aza&bcpf=B4xxNa8fOnRrolnfOur84aza&bdrId=319&ntv=0&matchstring=bcat%3D14h%2C7%7Ccsh%3D1&sff=0&katpre=1&katbid=-102&pgid=p11994457902t202302271112&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&isid=319&allsc=FL
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU2F14C6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1c7c57142dd7f57fe7bc81cd9efd19162bb668b2346a4eb7e85821e59833afb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-mv5t
timing-allow-origin
*
content-length
28804
expires
Mon, 27 Feb 2023 11:12:40 GMT
bping.php
lg3.media.net/ Frame A53E 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=734&&vgd_cdv=880&vgd_cage=3&gdpr=0&prid=8PRVCXX19&cid=8CU2F14C6&crid=719842512&vi=1677496359849975951&ugd=4&lf=6&cc=US&sc=FL&vsid=3204979571524164&lper=100&wsip=170785065&r=1677496359892&requrl=https%3A%2F%2Fcubdomain.com&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22OmeJL%22%7D&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1677496359197501205&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CURC8I25&vgd_hb_audit_2=174849124&vgd_itype_id=17&vgd_pgid=p11994457902t202302271112&vgd_pgids=1&vgd_uspa=0&hvsid=00001677496359888006462152412966&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 27 Feb 2023 11:12:39 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 27 Feb 2023 11:12:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CA59 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpT4m3V8w74TFgw4epogfaDk26fg-a_i-DZcYddy_ruyBORjFKDpJh9PL7PxiGKhe7QqsmpnZT86Y1pwDyIl2-aZGCadcSeJr80aJZm70817JKljk3_SCAcZAY4BguclZrRBxhDT--lhzc4NiBYROPoOeGQT5aEYj1rUGmWxCi18zADqVWK9k&sai=AMfl-YTjDO9MO4aOlOgngXC55eEx9QA0rW1uw-QFzIqYFqmGXxVUqO0VBkn4wwhmY8gyr4ePOMV2pp14bQECWGRryIAs4bdYbp_7MOCrDg&sig=Cg0ArKJSzKibNwn9Yf-tEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=254&vt=11&dtpt=253&dett=2&cstd=0&cisv=r20230222.00944&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N744234.4292204YAHOODSPVERIZON/B29114034.359433600;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=402488621;ord=f2ut5f;click=https%3A%2F%2Fprod-m-node-1213.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969c9e01777792d6e5a677d55001c6%26n%3DYahoo%2BSSP%26id%3D6cdcc24597fe4893a7f2705e60b46602%26tid%3D8a9694960177778d68fb92cfa27200dc%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9691ba01777792dbf7a67b952001f3%26grp%3D%253F%253F%253F%26type%3D2%26hbp%3D84%26nl%3D1677496357930%26rts%3D1677496357876%26ari%3D2a9502103d464418979c7e6f1d4cbb8e%26b%3DMTMyMjI7Ozs7Ozs7MzE2NTQ0NTg7Ozs7Ozs7Ozs7MTs.%26a%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82~979~1%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpn.ybp.yahoo.com%2Fcj%2Fcd%2F2IYT4wtnSgkYeW9kHgLcCDyPaBg_nwZTvt890-IKEg-MnRPMgXX7GhOGtQFkBZ38SFC_FE9gl7KV8iMHxOl0RxP8iaERnFExiRHhMrgdBdoOp0nWPbd5aj3-VotVwOUehTHNpKuBp3y_AYYj_afDn6-ERm4zQ0b2Jfd7i23SHPHjt9eIrZ_yLmVbOVxmjVVBsxpSdhEXzrAHNruDNI0owtjXAO23MH4R7hiEH-el2q3WEPyAg6D2LPUsyUBnp4-wTksG12jjZflCe3xCyy8qW2SnRbujXfJ1%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcubdomain.com%2F$0;xdt=0;crlt=EP794zlcxa;gcsr=m;stc=1;chaa=1;sttr=140;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 27 Feb 2023 11:12:39 GMT
checksync.php
contextual.media.net/ Frame 5A7E 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CURC8I25&prvid=2033%2C294%2C3018%2C313%2C238%2C359%2C459%2C319%2C77%2C99%2C20000%2C184%2C262%2C460%2C241%2C461%2C462%2C188%2C246%2C4%2C10000%2C229%2C9%2C307&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c2c9388cd875c17ebd3b79f77dca87859903413cd01bc6fb746b6ee7e4167eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9713
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 11:12:40 GMT
expires
Wed, 01 Mar 2023 11:12:40 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame A53E 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5431&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CURC8I25&reqid=m0afNNW3D2uUVmw4jCJrXw&vid=m0afNNW3D2uUVmw4jCJrXw&dn=cubdomain.com&rawDn=cubdomain.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fcubdomain.com&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=dover&pubid=pub-ADX-101639958875&tgtval=pub-ADX-101639958875&csip=rtb-appnexus-745f5fc68-fx745.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=202&sckfl=1&suid=CAESEOEN22ClgZPumkQMjje7HYo&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddeo9dpe0jexm94jm-v7zdXSDK5FOPonH4dP3falL0LS8NOpt-3RlDbcnAIajNjbsInp&pexid=ADX-pub-6373315980741255&geoll=false&is_ortb=false&s_ip=172.217.36.133&s_city=atlanta&commit_id=9ad974a0&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-24+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&rtttime=35&pvid=319&prvAccId=719842512&prvApiId=8CU2F14C6&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=174849124&prspt=headerBid&prvReqId=2553496081198_540940741_17484912413191&reqsize=728x90&size=728x90&chnl=HARMONY&bdp=0.080&cbdp=0.042&og_cbdp=0.080&ogbdp=0.08&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.042&dt=O&dbf=1&epc=719842512&s=1&snm=SUCCESS&pcrid=8CU2F14C6-719842512-9-4&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=22&slotVisibility=2&adpos=3&iframingState=0&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=319&brsrclk=0&bidrestime=1677496359226&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080812610100728009000000500&strg=HARMONY&vls=0&scrid=1700080812610100728009000000500&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU2F14C6&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CURC8I25&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_crsw_exp=cd1&mx_tgs=728x90&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_crsw_bckt=A1&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=9db63445eda0429a89e89b005ad3196a&rtime=5.0&wsip=mowx-lite-59cc94fc87-wgsmk&ltime=30.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1445061518&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=9db63445eda0429a89e89b005ad3196a_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&feedback_id=m0afNNW3D2uUVmw4jCJrXw&supplyTagId=1445061518&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=31&debug_ts=2023-02-27+11%3A12%3A39&__expireat=1677496959479&mview=1&sc_pvid=294&sc_ogbdp=0.05&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.050&sc_cbdp=0.050&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&rme=adm&bdata=~bx_len%3D1353~bhp%3D0~bid%3D0.080~bx_abtest%3DPatternMulBiz~bx_agl2a_l%3D0~bx_asn%3D202~bx_cs%3D0~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_l2as%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010010~bx_size%3D728x90~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DDOVER~ck_fl%3D2~dc%3Dgcp-us-east1-d~dmm_d1%3D0~dmm_d10%3D0~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D15~dmm_d19%3D0000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_d9%3D0~dmm_l%3D0.028~dmm_m1%3D0.064~dmm_m10%3D1.000~dmm_m11%3D0.898~dmm_m12%3D0.315~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.000~dmm_m16%3D0.213~dmm_m17%3D1.000~dmm_m2%3D0.089~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D1~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m35%3D317.000~dmm_m36%3D317.000~dmm_m39%3D1300.000~dmm_m40%3D1300.000~dmm_m43%3D4.204~dmm_m44%3D1.000~dmm_m47%3D19369.000~dmm_m48%3D4868445.000~dmm_m5%3D1.061~dmm_m51%3D317.000~dmm_m52%3D0.220~dmm_m6%3D1.000~dmm_m7%3D0.297~dmm_m9%3D1.000~dmm_r%3D0.229~e_rpm%3D0.064~erpm%3D0.064~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DUS~r_ip%3D2001-0550-1d05-0000-0000-0000-0000-0000~r_sc%3DFL~rbo%3D5_3~ref_cnt%3D0~sgmt%3Dempty~std%3Dna~vbr%3D0~visibility%3D2~supply_tag_id%3D%7Eviewability%3D0.22%7Eamp%3D1%7Ecbdp%3D0.042%7Edmm%3Dharmony%7Esuid%3DCAESEOEN22ClgZPumkQMjje7HYo%7Esd%3D1%7Edtc%3Deast_sc%7Exid%3DADX-pub-6373315980741255%7Edalg%3Dunison12%7Ehtml%3D1%7Eadblk%3D1445061518%7Esobp%3D0.05%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.080%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D50%7Edogb%3D0-1~ibc%3D1~~mxe%3Dcd1~mxbn%3DA1&utime=728&sf=0&cpr=0.8637841263700243
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 27 Feb 2023 11:12:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Mon, 27 Feb 2023 17:12:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CFD9 		1 KB
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68610
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Feb 2023 16:09:10 GMT
etag
48472445140208031
expires
Mon, 27 Feb 2023 16:09:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A53E 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95c7de3e34bd5f528ccefd2c80f9d35767e10a96193dbd72e64c93e6b99681e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CA59 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230222/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:40 GMT
7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
pagead2.googlesyndication.com/bg/ Frame 6972 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 20:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
226580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14233
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 20:16:20 GMT
cksync
cs.media.net/ Frame 5A7E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwNDk3OTU3MTUyNDE2NDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEI1FTLw3BJsh4OhcWpcsjZU&google_cver=1
237 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEI1FTLw3BJsh4OhcWpcsjZU&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CURC8I25&prvid=2033%2C294%2C3018%2C313%2C238%2C359%2C459%2C319%2C77%2C99%2C20000%2C184%2C262%2C460%2C241%2C461%2C462%2C188%2C246%2C4%2C10000%2C229%2C9%2C307&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Mon, 27 Feb 2023 11:12:40 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEI1FTLw3BJsh4OhcWpcsjZU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 5A7E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c
237 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CURC8I25&prvid=2033%2C294%2C3018%2C313%2C238%2C359%2C459%2C319%2C77%2C99%2C20000%2C184%2C262%2C460%2C241%2C461%2C462%2C188%2C246%2C4%2C10000%2C229%2C9%2C307&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Feb 2023 11:12:40 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
237
X-MNET-HL2
E
Expires
Mon, 27 Feb 2023 11:12:40 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame 5A7E
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=b8579d86-bf52-40e5-877d-327e64f26f54&type=loop&gdpr_consent=null&gdpr=0
237 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=b8579d86-bf52-40e5-877d-327e64f26f54&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CURC8I25&prvid=2033%2C294%2C3018%2C313%2C238%2C359%2C459%2C319%2C77%2C99%2C20000%2C184%2C262%2C460%2C241%2C461%2C462%2C188%2C246%2C4%2C10000%2C229%2C9%2C307&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.77.220.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-220-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 27 Feb 2023 11:12:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Mon, 27 Feb 2023 11:12:40 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=b8579d86-bf52-40e5-877d-327e64f26f54&type=loop&gdpr_consent=null&gdpr=0
date
Mon, 27 Feb 2023 11:12:40 GMT
server
_
content-length
0
sync
ups.analytics.yahoo.com/ups/58222/ Frame 5A7E
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=1&type=vzn&ovsid={{APID}}&redirect=https%3A%2F%2Fpixel.advertising.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%24UID
  • https://pixel.advertising.com/ups/58222/sync?_origin=1&uid=3204979571524164000V10
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3204979571524164000V10
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3204979571524164000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CURC8I25&prvid=2033%2C294%2C3018%2C313%2C238%2C359%2C459%2C319%2C77%2C99%2C20000%2C184%2C262%2C460%2C241%2C461%2C462%2C188%2C246%2C4%2C10000%2C229%2C9%2C307&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3204979571524164000V10
date
Mon, 27 Feb 2023 11:12:40 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.25
content-length
365
content-language
en
pixel
cm.g.doubleclick.net/ Frame CFD9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKQ4aah-zHYF0JbrGUgi2F8&google_cver=1&google_push=Aa02lx_cIHx1gpcUG4wYD3d87LtCBG2z3NUm9eSQco4328ZFGeqKxTnatBEIPO5v81Kklcj4zmpOKzPFywJwxJUw...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=S6hj_JAmTwC6ED99QJmHBA&google_push=Aa02lx_cIHx1gpcUG4wYD3d87LtCBG2z3NUm9eSQco4328ZFGeqKxTnatBEIPO5v81Kklcj4zmpOKzPFywJwxJUw9y2w1ywr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=S6hj_JAmTwC6ED99QJmHBA&google_push=Aa02lx_cIHx1gpcUG4wYD3d87LtCBG2z3NUm9eSQco4328ZFGeqKxTnatBEIPO5v81Kklcj4zmpOKzPFywJwxJUw9y2w1ywr4K2T
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 27 Feb 2023 11:12:40 GMT
Server
MT3 530 4e92630 master ord-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=S6hj_JAmTwC6ED99QJmHBA&google_push=Aa02lx_cIHx1gpcUG4wYD3d87LtCBG2z3NUm9eSQco4328ZFGeqKxTnatBEIPO5v81Kklcj4zmpOKzPFywJwxJUw9y2w1ywr4K2T
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 27 Feb 2023 11:12:39 GMT
pixel
cm.g.doubleclick.net/ Frame CFD9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJJcs1wk6HGiuI8UHVh8oH0&google_cver=1&google_push=Aa02lx9mTAP6cB3px_WXlah7zELX2-83WH9yNH-FBKu9g18FvdxCbzpN_UkLbBcAga8MBO9iiBo1hqAIWFB-e8RY5NkMiY7VRRiD
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F36A4DC47814133B9133D3750DF1F20&google_push=Aa02lx9mTAP6cB3px_WXlah7zELX2-83WH9yNH-FBKu9g18FvdxCbzpN_UkLbBcAga8MBO9iiBo1hqAIWFB-e8R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F36A4DC47814133B9133D3750DF1F20&google_push=Aa02lx9mTAP6cB3px_WXlah7zELX2-83WH9yNH-FBKu9g18FvdxCbzpN_UkLbBcAga8MBO9iiBo1hqAIWFB-e8RY5NkMiY7VRRiD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 27 Feb 2023 11:12:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2F36A4DC47814133B9133D3750DF1F20&google_push=Aa02lx9mTAP6cB3px_WXlah7zELX2-83WH9yNH-FBKu9g18FvdxCbzpN_UkLbBcAga8MBO9iiBo1hqAIWFB-e8RY5NkMiY7VRRiD
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 26 Feb 2023 11:12:40 GMT
pixel
cm.g.doubleclick.net/ Frame CFD9
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEHcHv1Gf9hsK3-YGQX0BTys&c_param1=Aa02lx-w2cM-3eyptvhk_235ptBtm5MInoZgrd-2M5MF6PB92Bd0w4uTBTeV1O1oyOsIbWay38uAjEqyE7idbj_em9Avs5roo7k&gdpr=%%GDPR%%&a...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-w2cM-3eyptvhk_235ptBtm5MInoZgrd-2M5MF6PB92Bd0w4uTBTeV1O1oyOsIbWay38uAjEqyE7idbj_em9Avs5roo7k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-w2cM-3eyptvhk_235ptBtm5MInoZgrd-2M5MF6PB92Bd0w4uTBTeV1O1oyOsIbWay38uAjEqyE7idbj_em9Avs5roo7k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aa02lx-w2cM-3eyptvhk_235ptBtm5MInoZgrd-2M5MF6PB92Bd0w4uTBTeV1O1oyOsIbWay38uAjEqyE7idbj_em9Avs5roo7k
date
Mon, 27 Feb 2023 11:12:40 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame CFD9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECsPfuMlzDJz0sZYakq8bAY&google_cver=1&google_push=Aa02lx9MwosDPLKx2m7YhziCo75nmfPp6tDm6ecsPfIyf7I4TJlnOf8umjCMyezNqUb1Bl6gi_wqXiPd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NzY1MjA3OTYxMzE4NzMyNA&google_push=Aa02lx9MwosDPLKx2m7YhziCo75nmfPp6tDm6ecsPfIyf7I4TJlnOf8umjCMyezNqUb1Bl6gi_wqXi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NzY1MjA3OTYxMzE4NzMyNA&google_push=Aa02lx9MwosDPLKx2m7YhziCo75nmfPp6tDm6ecsPfIyf7I4TJlnOf8umjCMyezNqUb1Bl6gi_wqXiPdy_CxIXhcUCkMK1hOGyoV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NzY1MjA3OTYxMzE4NzMyNA&google_push=Aa02lx9MwosDPLKx2m7YhziCo75nmfPp6tDm6ecsPfIyf7I4TJlnOf8umjCMyezNqUb1Bl6gi_wqXiPdy_CxIXhcUCkMK1hOGyoV
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame CFD9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEA-APGgQn97Om1w9y7bf9yA&google_cver=1&google_push=Aa02lx9OwV-fo7c4LwGDgbAMXANOvQsJNVUcZboKgnPHmI9aOKvpFRvY3DweSLQCGDcKqPMVyoJ6koH3lVGimzu...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=L1ZOYqHQQcRqpmXCogLXkSaEdkk&google_push=Aa02lx9OwV-fo7c4LwGDgbAMXANOvQsJNVUcZboKgnPHmI9aOKvpFRvY3DweSLQCGDcKqPMVyoJ6koH3lVGimz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=L1ZOYqHQQcRqpmXCogLXkSaEdkk&google_push=Aa02lx9OwV-fo7c4LwGDgbAMXANOvQsJNVUcZboKgnPHmI9aOKvpFRvY3DweSLQCGDcKqPMVyoJ6koH3lVGimzueJjY4GsTxk3LY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=L1ZOYqHQQcRqpmXCogLXkSaEdkk&google_push=Aa02lx9OwV-fo7c4LwGDgbAMXANOvQsJNVUcZboKgnPHmI9aOKvpFRvY3DweSLQCGDcKqPMVyoJ6koH3lVGimzueJjY4GsTxk3LY
Date
Mon, 27 Feb 2023 11:12:40 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame CFD9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFo-23L0TXQXfWlBBFDT-fU&google_cver=1&google_push=Aa02lx95J1rRRLgFFOgw-dv1yY3jeBSxWR-c1MR2PDvdpP44gWtWnhDWpjH7PA-T-8r2eZoWBGLHo93Mmb_...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx95J1rRRLgFFOgw-dv1yY3jeBSxWR-c1MR2PDvdpP44gWtWnhDWpjH7PA-T-8r2eZoWBGLHo93Mmb_dmTE2RiZQaRXaZ3anTA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame CFD9
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHy3IR1a6I9KeoZrIRJQKNo&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MmM3YmVhZDUtNWU4Zi00NzJhLTkyZmYtNjA3MDVlN2JmN2M4&google_push=Aa02lx8PhUcntfw6M4_qvEANKODjlnLhO-XbXJ_TPcKRlLwic3wsP9vQrOvJiYlNMO7GT...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H2
Server
23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-197-46.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Mon, 27 Feb 2023 11:12:40 GMT
pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CFD9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfMqFEqJCNuMVKZDC-3uZE6kN12lxnlbi14ylkYlkIvqE-Zkmon4itJynZGU68MZmcwuzCuw4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6373315980741255&output=html&h=90&slotname=2794737922&adk=1445061518&adf=3279755402&pi=t.ma~as.2794737922&w=728&rdp=false&format=728x90&url=https%3A%2F%2Fcubdomain.com%2F&ea=0&alternate_ad_url=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsrh%2Fadx%3FhookId%3DIL_IN_CONTENT0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677496358747&bpp=4&bdt=300&idt=309&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&correlator=7342740357682&frm=23&ife=1&pv=2&ga_vid=1043153677.1677496359&ga_sid=1677496359&ga_hid=1728994796&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2571&biw=1600&bih=1200&isw=728&ish=90&ifk=3179687124&scr_x=0&scr_y=0&eid=31071869&oid=2&pvsid=3271707492014693&tmod=413393231&uas=0&nvt=1&loc=https%3A%2F%2Fcubdomain.com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cci75ejogn5h&btvi=1&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 8091 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8091 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8091 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 8091 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5510&&vgd_canary=0&vgd_l2type=scs_newfl&fp=GPCt1_S8YXfxeDEuBFkvfwCsSRRQoW1_hJjNijo0S3XN0xwJ2IgGW6hvPVDaNYDcQcL8gy0aHzdxgpNTnyDOKCv_Um0IQXUdOVIrtb03PrGw9vUs8cddBfVd_5Xk_E2-LnbPrgqJukQ%3D&cme=qQaYv8U0gWSbRlvb7849ZDCMUj55ZeGw-uFue9cdYzbu6Bo6aMZu0y6Jyl0hFiOuer8q3FwfEJR3nYr5_GeLjU_wejSkgZEGi-w1uImyRgkZcD8e2Cxj4fFrCpK_60xTsUplW7qhOolnsDai1rYFiF4DKff4TMkJVxqBF0ri2s3FtjbpQWRY2b18V939DNDaEoBbdpDIDHvQnI9Mg82yaz6JY8vLZMDw%7C%7Cu8A6SM53vAd2pdaw5_ORWTZZ6ChSAbUM%7CCePz_l27-C960ZyDDhSEsvVn7GPNtaJt%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD59owGV7ORzBFVZkcTw8_CL9blKToTRvk0%3D%7CYneT2kY-0RcpLY4TJdCqwXWSJnscJuS6-3QksbWNqqV1TdB1FXsm6zSeYY2EZFRYrxz9XDkpqFqXHo8iwDxN88XDLXkyITAn2vq--rGZVyziq_yHSX956-0VNcIvlXkj3k_Vfnt2w1pfAqE7CQ3Ameai0-QWMghgqayLgQePGhsBulev15rfdWEYxJm-dLUbpTQE-tMeEZSIGp0yfDM_xajdJhPYP6sjVCcbKPlI59pc700Q5GzMcjhHjQFwFCEgLKYpBy9NS98%3D%7C&subBdr=99&bdrid=319&ksu=224&fdkt=265&vgde_kbbh=ffoyxQJuO&kwd[]=Trace+IP+Address&kwt[]=265&kbc[]=40980&kwp[]=1&kid[]=28775092&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.07%7C63%3D0.05%7C60%3D1.06%7C12%3D1.66%7C10%3D4.25%7C66%3D1.61%7C1%3D1.64%7C2%3D4.08%7Cps%3D0.960%7C3%3D0.61%7C4%3D4.29&ktd[]=274911592704&ktrkt[]=Trace+IP+Address&kwd[]=Trace+an+Email+Address&kwt[]=265&kbc[]=41043&kwp[]=2&kid[]=28774764&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.73%7C63%3D0.05%7C60%3D2.22%7C12%3D2.58%7C10%3D4.25%7C66%3D3.10%7C1%3D2.31%7C2%3D5.27%7Cps%3D0.960%7C3%3D0.55%7C4%3D3.62&ktd[]=274894815488&ktrkt[]=Trace+an+Email+Address&kwd[]=Find+Home+Address+by+Name&kwt[]=265&kbc[]=41043&kwp[]=3&kid[]=273373833&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.35%7C63%3D0.05%7C60%3D0.48%7C12%3D0.30%7C10%3D4.25%7C66%3D0.82%7C1%3D0.48%7C2%3D1.72%7Cps%3D0.960%7C3%3D0.35%7C4%3D3.38&ktd[]=274894815488&ktrkt[]=Find+Home+Address+by+Name&kwd[]=Check+Domain+Names&kwt[]=375&kbc[]=4128&kwp[]=4&kid[]=5696079&kbc2[]=%23c%3A2707641%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.02%7C63%3D0.05%7C60%3D0.68%7C12%3D1.53%7C10%3D4.25%7C66%3D1.61%7C1%3D1.37%7C2%3D3.44%7Cps%3D0.994%7C3%3D0.73%7C4%3D2.92&ktd[]=274894684416&ktrkt[]=Check+Domain+Names&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774594&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22OmeJL%22%7D&cid=8CU2F14C6&vi=1677496359849975951&vsid=3204979571524164&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=0&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CURC8I25&vgd_hb_audit_2=174849124&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=81303&vgd_nrrmf=1001c80a&vgd_nrrsf=scrr&vgd_cty=new+york&tdAdd[]=%7C%40%7Cfsap%3D0&vgd_ifrmode=11&vgd_l1rakh=1677496359197501205&tsrc=entity&sttm=1677496359888&upk=1677496360.11049&hvsid=00001677496359888006462152412966&verid=3111299&vgd_matchstr=bcat%3D14h%2C7%7Ccsh%3D1&sbdrId=99&vgd_vsidtv=000V10&vgd_ecrid=1700080812610100728009000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POV72K7L&abpl=2&kbbq=%26asn%3D9009&vgd_vstrid=3204979571524164&vgde_bdata=~G-MjJzvuAXA~GwEv9~G8Ov9.9W9~G-M1G7JQ7v0177JLzcxjR8l~G-M1yjf1Mjv9~G-M1Qzvf9f~G-MNQv9~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-Mjf1Qv9~G-MLwvHhr4gEdWqR~G-MLENv99u99u9~G-MQ8lJvhfW-i9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vra%2F4D~NUMkjvf~ONvyNEoxQoJ1Q7uoO~OYYMOuv9~OYYMOu9v9~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvuX~OYYMOuiv9999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfFv9~OYYMOfhv9~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfv9.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWv9~OYYMOiv9~OYYMjv9.9fW~OYYMYuv9.9FH~OYYMYu9vu.999~OYYMYuuv9.WiW~OYYMYufv9.AuX~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.fuA~OYYMYuhvu.999~OYYMYfv9.9Wi~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvu~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvAuh.999~OYYMYAFvAuh.999~OYYMYAivuA99.999~OYYMYH9vuA99.999~OYYMYHAvH.f9H~OYYMYHHvu.999~OYYMYHhvuiAFi.999~OYYMYHWvHWFWHHX.999~OYYMYXvu.9Fu~OYYMYXuvAuh.999~OYYMYXfv9.ff9~OYYMYFvu.999~OYYMYhv9.fih~OYYMYivu.999~OYYMLv9.ffi~JMLEYv9.9FH~JLEYv9.9FH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvPb~LM8Evf99uo9XX9ouO9Xo9999o9999o9999o9999o9999~LMQNvsT~LGmvXMA~LJkMNz7v9~QyY7vJYE75~Q7Ovz1~eGLv9~e8Q8G8j875vf~QxEEj5M71yM8Ov~e8JB1G8j875v9.ff~1YEvu~NGOEv9.9Hf~OYYvw1LYmz5~Qx8Ov%3DK4b4a4Iff%3Djy20xYUgcddJhq3m~QOvu~O7NvJ1Q7MQN~-8OvKrtoExGoFAhAAuXiW9hHufXX~O1jyvxz8Qmzuf~w7Yjvu~1OGjUvuHHX9FuXuW~QmGEv9.9X~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9W9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vX9~OmyGv9ou~8GNvu~~Y-JvNOu~Y-GzvKu&vgd_bhv_kbb=1&vgd_cfud=220331&vgd_scsver=411&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001677496359888006462152412966&rc=0&rand=1677496360144&acid=9db63445eda0429a89e89b005ad3196a&matm=1677496360145&requrl=https%3A%2F%2Fcubdomain.com&vgd_ltimesrc=1&vgd_ltime=681&vgd_rtime=669&vgd_etm=18&vgd_l1hcsd=O7zm4%7C1290&vgd_l1ch=1&vgd_lhl=3593&vgd_pgid=p11994457902t202302271112&vgd_csip=rtb-appnexus-745f5fc68-fx745.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=81303&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1
Requested by
Host: cubdomain.com
URL: https://cubdomain.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 27 Feb 2023 11:12:40 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Mon, 27 Feb 2023 11:12:40 GMT
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 2D04 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
406373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
yv
beap-bc.yahoo.com/ Frame 3536 		43 B
767 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=8498034918941822651:1677496357901&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=HM0L2rfGZFu3hvYY_1XLLvAfI8tOm-68RU0DWrT3HqktTGrYp1kph0kpF0itBGcLiG8nUx5K68o1RqD_6Ke1E-HZ3l2RNgDqwF8UsSZt339COnY4kAx1Dn7IjqmYyoMwh0HsmBePvPKk1s9hH0JaF4QkFou_jwJsmzoXZmIlalFhEweXAXgsJNY-YxD6-5RxYab9pHO3pxEhslawD79PDo2vMH9LSdiN6fh-WV-L3Bew1w7HOa6WmP9iimGWiLkxNrr0tcCHGM-gKxRQzd5UctrspYTbXTHn&iv=100&v=1&m=2&r=1677496360328&im=1&b=5&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside-5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
collect
t.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://cubdomain.com
date
Mon, 27 Feb 2023 11:12:39 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
activeview
pagead2.googlesyndication.com/pcs/ Frame F7FD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuimG3n9x_fmuPNDK0pvM_KbPbQWDdYEgjmqWmnj216LrVmFvAtGEzXA4gKjr8R3gdBSM0Q6CU34kc4_bo1gr5W1hxhGu-1BOhGbGWmTcEqID_M9ccePGd3fnHEpqAdW0zkY24&sai=AMfl-YSQqgsydFeGoUY5XShau_Su7jTP429a5GP4py0n_GyBCp-t32gJENtRrn6ISQvbzG4hVPxwRIggswoX&sig=Cg0ArKJSzN72Fr9YWHVxEAE&cid=CAQSGwDUE5ymZnPup4DB6NPUCedJ35fEsT0JT20LPxgB&id=lidar2&mcvt=1015&p=0,0,280,1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677496357390&rpt=2074&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6972 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJz38J5D8Y8z8HIOnoga0yq64AwAAAAA4AeAEAg&bg=!srGlseXNAAZYlHKzeJQ7ADkAdvg8WiVx2faLZdb_KkjthCA_lwx16pjvV0DP6xbV3LcKrlTGjzuth1HfEBfevGv11IyjajSFwpACAAAA81IAAAAEaAEHCgC2cvdEmi_OVcxOwOGrSYoZf7oLM7CuU1iCd-OJPNVUedIcj0cWHhzR3AsWtvMQ7stH_uhZiLMkrNscmkO617jp5AOans7sogqOK0NKy3wLReVYZgokEW82ltsB19bmH82eIY_STXBkEJuHGPhX2a7L6ILfPxjeIlrP2jSM6p4eQcpIKGlppKEwgAz3luHZYPkg1LhjmdTJNinsFkdU6l9Mj2FzvyY2YwTEQ9A5tJobe10olDxzo26ZAtPtKGCuo4xexB2PsvoiN8AaonVEPkff3YKQ5sRw6Ft8BAX4n3Fu94EUGzm7_3Ew9KyIlak0bclA2ZNyPvch7ipE4j2qbPeu8EMeq0mTzQJ-mCMYZsrCIWGVwj5oqHyVt4C4FkFD7gQUFxOGUzNqBU0qWsHzAeGoFsbi3qUt_Nprn16BLdlmlMdOJ0y0mY8KSj6V9DAteA7TEle6x0Xlb55zv51u_MWNUgYQzZs8elDY_qIQpT53Qv4JyZ_7IzAuPPQ_0wPcbQXgJmYggSmhR5DQMrgpB7qjeSX-8_Yp-9KOL4zl49a_hRTEREQa9EGv_zVFlQ4lZBGFzVnm7JD28Wq4iZoLRMwnhk7rFjxbuCfWh-_wEDcqbx6hn0b-RH85m3IryNPiJU0ziJ0j1Gm-GthHuClpGde4KoiTZxSOME5KENbNpIxUoqTF9g70p6IKmKk6YPRwyxV3pjwkfxwPTFzRPjk1Jrh3iz3dlL6vGL0kz-PbHxFQkS1nywD-rKvjx5rGoziZl_hTFnIxInUVk6uV5Ps1d8PME4EgsOA1G6G12xLtOXiWDSpSkH1M0nTwfhHzVaOg715o0vTYz9MgILfzHdMdUTnb0jho00ahxQaFh2NkSgiPuxsgeo4Bd5N7BV5Vx7Z__8zEczCJ8vZl2ewdeTHa3oLBZgFAaoCmgQTx83I8j7lTZb50raCD7DEzzWj55ZKLRwFmtyPoJeInLsNE4FLOiBDN8vvUjXc6svC-hTgu-y2FSD877dk_H2i3LMhqiTKFPdbX_HcyUxzfigf1yLpDZkn-3hqDd2HmTFPtOLh0_c8Y0oP_O16lDcG8bwyw_AZfbET0p0ELxt67DE1mcGyi2YNx7o1szkOCKLFYG2xY4H3CMT6E_d54aJi3GS86BWlQggejs9ElEKwwEwenPwFT4_BT9huk02WTzn8z8je5BbllRChqQd5QQx94TUqGV_M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E51 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d22ff0537126ca8a66a1dc27ed17f9e3901f275848f50461dff2e77e9fdd3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11214
x-xss-protection
0
adp-ads-IzCBkz4l.css
ir.ebaystatic.com/rs/c/ Frame F5E5 		38 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ir.ebaystatic.com/rs/c/adp-ads-IzCBkz4l.css
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ebay server /
Resource Hash
ca3816a017b006e27cd4fdcb77443bcf2a28079f79d1e76e9f6247ea5027726a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 23:29:32 GMT
x-ebay-client-tls-version
TLSv1.2, 157.52.120.32
content-encoding
gzip
via
1.1 include-cache-1 (squid), 1.1 varnish
x-cache-lookup
HIT from include-cache-1:80
x-cdn
Fastly
date
Mon, 27 Feb 2023 11:12:40 GMT
age
2806988
strict-transport-security
max-age=31557600
x-cache
HIT from include-cache-1, HIT
x-ebay-c-version
1.0.0
content-length
6672
x-served-by
cache-fty21368-FTY
last-modified
Wed, 25 Jan 2023 23:19:16 GMT
server
ebay server
x-timer
S1677496361.991167,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%28%3Fuwrh*w%60ut3522-185eb43deec-0xe6
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
2
s-l225.jpg
i.ebayimg.com/images/g/lvIAAOSwCHNj-asj/ Frame F5E5 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/lvIAAOSwCHNj-asj/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
f177e60e1b425e919f88c358779504e1cb33c2e67db079a9f184082b237a5b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Feb 2023 18:30:56 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, 0.a4794668.1677496361.2deab7c
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
52
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*sulk6%28rbpv6775-186874a70c2-0x118
x-ebay-c-version
1.0.0
content-length
23344
expires
Sun, 25 Feb 2024 06:37:28 GMT
s-l225.jpg
i.ebayimg.com/images/g/nF8AAOSwK~hj0b6K/ Frame F5E5 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/nF8AAOSwK~hj0b6K/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
119157a999f125ea38bc5e30f47475455ec7edf4393acc30ab532d4a4f7bbde5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 25 Jan 2023 11:43:06 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , 0.a4794668.1677496361.2deab7d
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
72
rlogid
t6q4%7Cjfaofpse%3D9iptq4%7Cjfaofpse*wr%7Ect%28rbpv6601-185eb9e6b9c-0x111
x-ebay-c-version
1.0.0
content-length
7586
expires
Fri, 26 Jan 2024 01:08:26 GMT
s-l225.jpg
i.ebayimg.com/images/g/CvQAAOSw1R5jmNlM/ Frame F5E5 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/CvQAAOSw1R5jmNlM/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
d6f3c2b1b7d74f310fd8436933dee559687b0475979c2496bfc85f5530509de0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 13 Dec 2022 07:58:04 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , 0.a4794668.1677496361.2deab80
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
61
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*5g%605%60%28rbpv6602-1850d21fe77-0x113
x-ebay-c-version
1.0.0
content-length
20733
expires
Wed, 13 Dec 2023 20:16:49 GMT
s-l225.jpg
i.ebayimg.com/images/g/D68AAOSwIZJeMKsf/ Frame F5E5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/D68AAOSwIZJeMKsf/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
8633cdb86cb5f6b014d374779d23d7b4b06f5d3d069a195b7bae97be190927bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jan 2020 09:43:58 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
0.a4794668.1677496361.2deab7e
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
84
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*1imdr%28rbpv6775-1833c96a16d-0x12a
x-ebay-c-version
1.0.0
content-length
14417
expires
Thu, 14 Sep 2023 15:20:48 GMT
s-l225.jpg
i.ebayimg.com/images/g/TDQAAOSww3VjSsAX/ Frame F5E5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/TDQAAOSww3VjSsAX/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
954cfb54767ba49c2cc5f3e9cdfd5282d56e157a665334d00e10d1e6e9f8c8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 15 Oct 2022 14:13:43 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , , , 0.a4794668.1677496361.2deab7f
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
74
rlogid
t6q4%7Cjfaofpse%3D9iptq4%7Cjfaofpse*1qkeq%28rbpv6601-183e069a3f1-0x10b
x-ebay-c-version
1.0.0
content-length
8980
expires
Mon, 16 Oct 2023 10:49:23 GMT
s-l225.jpg
i.ebayimg.com/images/g/rOEAAOSw9GhYdF~Y/ Frame F5E5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/rOEAAOSw9GhYdF~Y/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
b8f75386721b668b52938947328666e296858840b17c05f9bca2994b72c1575b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 09 Jan 2017 16:15:20 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , 0.a4794668.1677496361.2deab81
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
63
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*onp%3Fa%28rbpv6612-1839677cc47-0x110
x-ebay-c-version
1.0.0
content-length
11321
expires
Mon, 02 Oct 2023 02:12:57 GMT
s-l225.jpg
i.ebayimg.com/images/g/J8sAAOSwfcxjyDKc/ Frame F5E5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/J8sAAOSwfcxjyDKc/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
83a31f37b9b9351056df11a97b569fd5a18d626f59ce41d820ed7a4f8c667d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Jan 2023 17:55:39 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , 0.a4794668.1677496361.2deac3e
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
61
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*k%7Drt7%28rbpv6770-185c618d474-0x115
x-ebay-c-version
1.0.0
content-length
14023
expires
Thu, 18 Jan 2024 18:16:34 GMT
s-l225.jpg
i.ebayimg.com/images/g/hgIAAOSw9V1j4~3d/ Frame F5E5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/hgIAAOSw9V1j4~3d/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
ec66a405039002e4f5413d950cd5e484dc53855020ff2fe1245ef8a494516e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 07:54:04 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, , , 0.a4794668.1677496361.2deacca
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
52
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*wmm%3Eu%28rbpv6770-18632a17284-0x133
x-ebay-c-version
1.0.0
content-length
14091
expires
Thu, 08 Feb 2024 20:04:46 GMT
s-l225.jpg
i.ebayimg.com/images/g/iesAAOSwR-FjwpNt/ Frame F5E5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/iesAAOSwR-FjwpNt/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
fae96988029dd427f9062a05c62749d14d8ec5a770a3007d951e4333a4a3f5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 14 Jan 2023 11:35:08 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
, 0.a4794668.1677496361.2deacf1
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
78
rlogid
t6q4%7Cjfaofpse%3D9iptq4%7Cjfaofpse*4%3D%7C%7Di%28rbpv6601-1862f039b63-0x113
x-ebay-c-version
1.0.0
content-length
10158
expires
Thu, 08 Feb 2024 03:13:31 GMT
s-l225.jpg
i.ebayimg.com/images/g/OO8AAOSwHLRj~Gv4/ Frame F5E5 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/OO8AAOSwHLRj~Gv4/s-l225.jpg
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.77.221.103 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-221-103.deploy.static.akamaitechnologies.com
Software
ebay-proxy-server /
Resource Hash
e18bad4db691992d0a5204f30f895f8d4b740b7ea25893696876512f7d0c5363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 27 Feb 2023 08:38:16 GMT
server
ebay-proxy-server
x-ebay-pop-id
UFES2-EWR-zoe-anycast
akamai-grn
0.a4794668.1677496361.2dead1e
x-cdn
AKAMAI
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
58
rlogid
t6q4%7Cjfaofpse%3D9iptq4%7Cjfaofpse*%3Bo2ur%28rbpv674%3C-186920a1f83-0x10c
x-ebay-c-version
1.0.0
content-length
9366
expires
Tue, 27 Feb 2024 08:43:02 GMT
adp-ads-_BRmimfC.js
ir.ebaystatic.com/rs/c/ Frame F5E5 		210 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ir.ebaystatic.com/rs/c/adp-ads-_BRmimfC.js
Requested by
Host: www.ebay.com
URL: https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ebay server /
Resource Hash
3510b5959b6ed6aa6365b408b73c1e941e37462e74cf21835582e15ee1a36331
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.ebay.com/gum/v1/stick?q=month&pid=101491&ctrk=https%3A%2F%2Frt3019.infolinks.com%2Faction%2Fclk.htm%3Frid%3D4beacbef-7e1c-4999-8cec-9ceccc6fcd82%26bdc%3D3%26midx%3D0%26rts%3D1677496359483%26vt%3D0%26clk_t%3DonWin%26jsv%3D1849.013-3.025%26prod_t%3Da%26cv%3D0%26sdata%3Dmonth%26scs%3DMEqj_DrGDX%26rsd%3DZQuZYoIXgHbKZcMeYNBA8NqyFIROIF8j3xlhroYQiJfyGoZ0PGnDGRwPyEQQTtN9IO2DBSKsKbh_mKPE0BVZhqNDU7LZSiKvloGJUHf1AyU6-auDITQApy08RcfhHiB_KTfkMuhWFqSgHs24L4-m-TtWV1RwSKoB%26rsk%3D76%26rcs%3D7mi0N8Tk2wFTiNll69cR2A%26rurl%3D&ctrk_param=rurl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
2
date
Mon, 27 Feb 2023 11:12:40 GMT
content-encoding
gzip
via
1.1 include-cache-0 (squid), 1.1 varnish
x-cache-lookup
HIT from include-cache-0:80
x-cdn
Fastly
strict-transport-security
max-age=31557600
age
2211578
x-cache
HIT from include-cache-0, HIT
x-ebay-c-version
1.0.0
content-length
51522
x-served-by
cache-fty21368-FTY
last-modified
Wed, 01 Feb 2023 20:41:00 GMT
server
ebay server
x-timer
S1677496361.991148,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%28h5qq1*w%60ut3527-1860ec11b42-0xcd
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 01 Feb 2024 20:53:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E51 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:12:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 400D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
20855
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 05:25:06 GMT
expires
Tue, 27 Feb 2024 05:25:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EF93 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e92eb0695ce794dbea7fc0d63260285bbf2d216ae5ec294068a1ab6f7560111
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6jzZ9VisvoZ1jykFynCDHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-6jzZ9VisvoZ1jykFynCDHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:41 GMT
expires
Mon, 27 Feb 2023 11:12:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame CA59 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuocZpeEU1dKzIAvUUk0cYuYrr9_av4CvTwu9bULA4PudWJXDYhy8I5X1c6uczSwCFxu2D5b2fwNzfHEesQP7EpG8BwLLSunXs&sig=Cg0ArKJSzFr-eKmJL4pLEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=33&adk=402488621&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677496359270&rpt=673&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MarketSans-SemiBold-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ Frame F5E5 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2
Requested by
Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/adp-ads-IzCBkz4l.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ebay server /
Resource Hash
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ir.ebaystatic.com/rs/c/adp-ads-IzCBkz4l.css
Origin
https://www.ebay.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
HIT from include-cache-0:80
via
1.1 include-cache-0 (squid), 1.1 varnish
x-cdn
Fastly
strict-transport-security
max-age=31557600
age
15999646
x-cache
HIT from include-cache-0, HIT
content-length
22468
x-xss-protection
1; mode=block
x-served-by
cache-fty21321-FTY
server
ebay server
x-timer
S1677496361.168518,VS0,VE0
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60uebwh%3D9vjdq%60uebwh*%60qlwa%28rbpv6775-182d8ebeee2-0xdf
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
23665
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 400D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:19:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
406374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 18:19:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EF93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=3271707492014693&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 400D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gZ0nCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E51 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=3271707492014693&bg=!5-Sl5LDNAAZYlHKzeJQ7ADkAdvg8Wuu-22QblIfBR9m9PlRtj4m9QB4HNkTuvXidfzmy6sC32p8yQELA80dqLC-g-3avdm38V_MCAAAAdVIAAAAEaAEHmQKztGq0O7ec6n1UIRh_gFY9dfkRBSYj_85nNWzG1eHCKMsl8YmBMvi5KfBolnrQO_vXpnsHgOz_GN4mtyHXHiyJp6XeIhszKuGP_kK7rtTGdUm52RA9EyA3z8HeXKB201pYBN4CWhOsn-zXlQ4fNcOjqr4bQ1T9FY6gXYd58pC4pIFou6LtsW-MBc_NaVA5QA9SzbNLDiRHq2TecXzd2WTbW8tWCs1jpviAP9QfY4zvnaeK07PggcqtgxL8ejyjAqvXNqK88A9Bcdc-eI__WeZI29GNfSBo8S1e_FPhCObOpxWRaQm-8EfCwtQBlVXcyHlAvNFYsoKJRcZgKABou-_Asp7NC0C13UoQN-KNJGxGoRcIUR1yFVD-8JHXSYrNyFAvQt_IUHZfymkXnb8UYOHRDI2ECMTX2FfMT5uZrXljK0gGfFDqinPZqS7_8n0RzQXvw3apCgtY42P1OzVwN0ZvnHrYt0XDNfg3nh2poC4UYJGG8j8Q3tAJyMNzg9GUch9JCAsJUMNHfV_BW1Q_W8F22R1cI57WWZQ4ec9pWiYrr3AEo8rniiWCf6G5SytVPzRNv3aIdpGHid2w8AtQCGIpgfNtz0piTc0mIeNTw5xqQijnTfcfUMBJ7mkyBpelwZXEp6E8eLo9E7kG-P9X7EuHTykdHuHinqTZ_hsZoXf8Zqrjf-eu3X6jOqI_CSCOuHNV95r8FaOaHwbp4S_CkBjZCtqOwvMPr35ELW7jAtrVVBoURNWPjWTb3sCDTT6dNf6jWtEXCuRdcQNRBR0GjovkUKDT1ZVEbDcOmT4n70rTKCdZTWz1uGBEHbUUuGE8hg0_UVKmnWRZdLscM5WZ2KwufMw-thidpmzQ3LG3n4lJMC1wpjHy93WgHOXHqahsn7cIpO40XzbIW89Pa-gXUYKCjSanHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
collect
t.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c-sc/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://cubdomain.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://cubdomain.com
date
Mon, 27 Feb 2023 11:12:42 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
dcl.htm
rt3019.infolinks.com/action/ 		0
59 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/dcl.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&prod_t=d&sdata=homes&bdc=1&midx=0&capara=%7B%22vast-opportunityReached%22%3Atrue%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007cbcafaf02dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cubdomain.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
csi
csi.gstatic.com/ Frame 98F2 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lemq0qh2&c=7342740357682&slotId=3671370178841&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=1&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c05::78 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 98F2 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lemq0vlc&c=7342740357682&slotId=3671370178841&fb=ima_html5-lima&sdkv=h.3.557.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&ghmsh_eids=44748969%2C44765701%2C44770824%2C44777649%2C44781753%2C44782991
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c05::78 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader21.html
tpc.googlesyndication.com/pagead/js/ Frame DFD5 		52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/loader21.html?https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js%3fadTagUrl=https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-video-pub-1463455084986126%2526slotname%253D345364575467565%2526ad_type%253Dvideo%2526description_url%253Dhttps%25253A%25252F%25252Fcubdomain.com%2526max_ad_duration%253D30000%2526videoad_start_delay%253D0&type=js&vpmute=1&vpa=1&rdp=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
18189
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 11:12:45 GMT
etag
7287664291636797308
expires
Tue, 28 Feb 2023 11:12:45 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dcl.htm
rt3019.infolinks.com/action/ 		0
36 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3019.infolinks.com/action/dcl.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&prod_t=d&sdata=homes&bdc=1&midx=0&capara=%7B%22vast-adLoadTime%22%3A69%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1849.013-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7a007cbd181202dc-MIA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://cubdomain.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame DFD5 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-video-pub-1463455084986126%26slotname%3D345364575467565%26ad_type%3Dvideo%26description_url%3Dhttps%253A%252F%252Fcubdomain.com%26max_ad_duration%3D30000%26videoad_start_delay%3D0&type=js&vpmute=1&vpa=1&rdp=0
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader21.html?https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js%3fadTagUrl=https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-video-pub-1463455084986126%2526slotname%253D345364575467565%2526ad_type%253Dvideo%2526description_url%253Dhttps%25253A%25252F%25252Fcubdomain.com%2526max_ad_duration%253D30000%2526videoad_start_delay%253D0&type=js&vpmute=1&vpa=1&rdp=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851058e3faaab0c3490ffe59ed8dde67d70c10debe5258f65dd5732b93009035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15808
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 14:30:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 27 Feb 2023 11:27:45 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DFD5 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-video-pub-1463455084986126%26slotname%3D345364575467565%26ad_type%3Dvideo%26description_url%3Dhttps%253A%252F%252Fcubdomain.com%26max_ad_duration%3D30000%26videoad_start_delay%3D0&type=js&vpmute=1&vpa=1&rdp=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ca69c8dc0ab18c0a31c2b04b837bc181aeb875a2f592fb1d48a1638c4358952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123572
x-xss-protection
0
expires
Mon, 27 Feb 2023 11:12:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD5 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.7870163932937528&wt=1677496365782&sdkv=h.3.557.0&xai=undefined&url=2,https%3A%2F%2Fcubdomain.com$2,https%3A%2F%2Fimasdk.googleapis.com%2F$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-video-pub-1463455084986126%26slotname%3D345364575467565%26ad_type%3Dvideo%26description_url%3Dhttps%253A%252F%252Fcubdomain.com%26max_ad_duration%3D30000%26videoad_start_delay%3D0&type=js&vpmute=1&vpa=1&rdp=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 11:12:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.557.0_en.html
imasdk.googleapis.com/js/core/ Frame 6FCA 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
25905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227119
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 04:01:01 GMT
expires
Tue, 27 Feb 2024 04:01:01 GMT
last-modified
Tue, 21 Feb 2023 14:27:34 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame DFD5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Feb 2023 11:12:46 GMT
integrator.js
adservice.google.com/adsid/ Frame DFD5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tpc.googlesyndication.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6FCA 		156 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-1463455084986126&slotname=345364575467565&ad_type=video&description_url=https%3A%2F%2Fcubdomain.com&max_ad_duration=33000&videoad_start_delay=0&channel=vpaidadp_html5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&vpa=auto&vpmute=1&sdkv=h.3.557.0%2Fvpaid_adapter&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=2&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=445&ptt=20&adk=2224058162&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.557.0&eid=44731965%2C44748969%2C44765701%2C44777649%2C44781753%2C44782991&ref=https%3A%2F%2Fimasdk.googleapis.com%2F&url=https%3A%2F%2Fcubdomain.com&dt=1677496366328&correlator=3629363302482086&ad_block=1&ged=ve4_td0_tt0_pd0_la0_er0.0.154.300_vi0.0.300.400_vp100_eb24427
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
csi
csi.gstatic.com/ Frame 6FCA 		0
0
csi
csi.gstatic.com/ Frame 6FCA 		0
0
dcl.htm
rt3019.infolinks.com/action/ 		0
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cubdomain.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cubdomain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 11:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
csi
csi.gstatic.com/ Frame 98F2 		0
0
loader21.html
tpc.googlesyndication.com/pagead/js/ Frame AB87 		0
0
dcl.htm
rt3019.infolinks.com/action/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
resources.infolinks.com
URL
https://resources.infolinks.com/static/vid-content/infolinks_feel_better.mp4
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lemq0w5a&c=5562256273474&slotId=2781128136737&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lemq0wlz&c=5562256273474&slotId=2781128136737&uet=2&ghmsh_eids=44731965%2C44748969%2C44765701%2C44777649%2C44781753%2C44782991
Domain
rt3019.infolinks.com
URL
https://rt3019.infolinks.com/action/dcl.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&prod_t=d&sdata=homes&bdc=1&midx=0&capara=%7B%22vast-adError%22%3A901%2C%22vast-adErrorMessage%22%3A%22An%20unexpected%20error%20occurred%20within%20the%20VPAID%20creative.%20Refer%20to%20the%20inner%20error%20for%20more%20info.%22%7D
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lemq0vlp&c=7342740357682&slotId=3671370178841&fb=ima_html5-lima&sdkv=h.3.557.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&met.4=err.lemq0wm7&aec=901
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/loader21.html?https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js%3fadTagUrl=https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fpagead%252Fads%253Fclient%253Dca-video-pub-6373315980741255%2526slotname%253D463849%2526ad_type%253Dvideo%2526description_url%253Dhttps%25253A%25252F%25252Fcubdomain.com%2526max_ad_duration%253D30000%2526videoad_start_delay%253D0&type=js&vpmute=1&vpa=1&rdp=0
Domain
rt3019.infolinks.com
URL
https://rt3019.infolinks.com/action/dcl.htm?rid=4beacbef-7e1c-4999-8cec-9ceccc6fcd82&prod_t=d&sdata=homes&bdc=1&midx=2&capara=%7B%22vast-adLoadTime%22%3A33%7D

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| __cfQR object| __cfBeacon function| $ function| jQuery number| uidEvent object| bootstrap function| Chart function| moment object| leaflet object| L object| dates object| COM object| ORG object| NET object| INFO object| ONLINE object| BIZ object| TECH object| labelsName object| labelsData function| getSubscription function| UnixTimeStamp function| TwoDecimalPlace function| toggleHandler function| calculationForPopup function| timeDifference function| dateDiff function| checkBot function| setCookie function| getCookie function| deleteCookie function| bytesToSize function| isUrlValid function| getHostName function| getDomain function| isValidEmailAddress function| addZero function| getRandomNumber function| SpaceHyphen function| copyToClipboard function| downloadFile function| HEXtoRGB function| HEXtoHSL function| HEXToCMYK function| RGBtoHSV function| RGBtoHEX function| CMYKToRGB function| CSVtoHTML function| tag function| toHTML function| HTMLFormater function| CSVtoJSON function| CSVtoXML function| SQLtoCSV object| visitor object| website object| static object| common function| subscribeSuccessCallBack string| applicationServerPublicKey string| applicationServerPrivateKey string| serviceWorker boolean| isSubscribed object| helloBarHTML object| helloBarLink undefined| messageBox string| timeFormat object| toggles object| toggle boolean| chromeExtensionInstalled undefined| img object| monthNames undefined| data undefined| ad undefined| adsSuccessCallBack object| ctx1 object| myChart1 object| ctx2 object| myChart2 object| resizeEvent object| chartColors number| infolinks_pid number| infolinks_wsid boolean| IL_INIT object| $iceboot object| INFOLINKS object| dataLayer boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| _typeof function| _defineProperty number| $iceId object| iqscript function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| $jscomp function| getIfbip string| GoogleAnalyticsObject function| ga function| clarity function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array object| GoogleGcLKhOms function| onYouTubeIframeAPIReady function| _33AcrossIdMappingsProvider object| bubble object| skins object| gaplugins object| gaData function| hb_iceChunk object| hb_ice object| _pbjsGlobals object| $ICE_HB object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| ILVideo string| w function| WebVTT object| google_llp object| google_image_requests object| closure_lm_30620 object| vttjs object| googletag object| closure_lm_692393 object| googDdmPs

116 Cookies

Domain/Path Name / Value
cubdomain.com/ Name: logglytrackingsession
Value: 23c4070a-d082-462a-a8ff-df562b559a14
.infolinks.com/ Name: cuid
Value: 792a2bfe-ceb5-4d9a-84e8-969f30b991aa
.casalemedia.com/ Name: CMID
Value: Y-yQJZMVii9y9ywf1whDfAAA
.casalemedia.com/ Name: CMPS
Value: 415
.casalemedia.com/ Name: CMPRO
Value: 415
.openx.net/ Name: i
Value: 6df9b73d-cf49-4ce3-85fb-c4b07a095c2f|1677496357
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.yahoo.com/ Name: A3
Value: d=AQABBCWQ_GMCEKNK59bZ7shU0IoZuxb4hNkFEgEBAQHh_WMGZAAAAAAA_eMAAA&S=AQAAAgBFUA_OfGpiQrtzOXkibGo
.advertising.com/ Name: A3
Value: d=AQABBCWQ_GMCEIU6tN7topPV3N9ZI6yYREgFEgEBAQHh_WMGZAAAAAAA_eMAAA&S=AQAAAjvXbDbiwBbiTXtv9boqLH8
.tynt.com/ Name: uid
Value: FoIhl2P8kCWdzEdWTWjkwA==
.adnxs.com/ Name: uuid2
Value: 3536526977433063810
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 07070837-B4A5-4DBC-9184-35B09260FCDB
.zemanta.com/ Name: zuid
Value: 4DttiO1g2cKjJjyTXxBw
.360yield.com/ Name: tuuid
Value: 0443a9dc-4194-45f8-8e89-ed394c1dc14f
.360yield.com/ Name: tuuid_lu
Value: 1677496357
.go.sonobi.com/ Name: __uis
Value: db31c910-5a7c-4fd8-80e1-a65a20682c2c
.go.sonobi.com/ Name: HAPLB8S
Value: s85142|Y/yQK
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1677496357532%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1677496357532%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1677496357532%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1677496357532%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1677496357532%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1677496357532%7D%5D
.infolinks.com/ Name: OXUSERCOOKIE
Value: 95c2aaf5-751a-4498-9ee2-3baae689ca47
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1677496357623
.infolinks.com/ Name: IXUSERCOOKIE
Value: Y-yQJZMVii9y9ywf1whDfAAA&415
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-4fSiImlE2uH5oe3TYae.Aml0KBMVJx6HqiNZdKU-~A
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-TKbLVsxE2uH04VogSxOMR7z2BgbLOmFX~A
.infolinks.com/ Name: SONOBIUSERCOOKIE
Value: db31c910-5a7c-4fd8-80e1-a65a20682c2c
.cubdomain.com/ Name: _ga_M2DR8J2TD3
Value: GS1.1.1677496357.1.0.1677496357.0.0.0
.intentiq.com/ Name: intentIQ
Value: FvY3C8eyD0
.adsrvr.org/ Name: TDID
Value: 7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c
.turn.com/ Name: uid
Value: 2904119884902318991
.cubdomain.com/ Name: __gads
Value: ID=aaa46ea670ab4257-22cbb65f84de0061:T=1677496357:RT=1677496357:S=ALNI_MYEzUfIwVd9wzsZ2yqhOyMIsWteYw
.cubdomain.com/ Name: __gpi
Value: UID=000009c309c85f1d:T=1677496357:RT=1677496357:S=ALNI_MYRYeu_MYNwa7c7UC0Ebmz2e_IM3Q
.cubdomain.com/ Name: _ga
Value: GA1.2.1180126012.1677496357
.cubdomain.com/ Name: _gid
Value: GA1.2.2012391706.1677496358
.infolinks.com/ Name: ANUSERCOOKIE
Value: 3536526977433063810
.cubdomain.com/ Name: _gat_UA-101202427-1
Value: 1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 7f8e9ceb-6511-487e-8c35-63edb5b48f37
beacon.lynx.cognitivlabs.com/ Name: ss
Value: kg3BrSkO%2FUexTOWi%2B8dTjnVJVe3M8ADnl2XCJDigHnEsFQQXLaCNdsegSYCnFmpufr8ETyO87LOQS8I%2Fl9iyDQ%3D%3D
.adform.net/ Name: C
Value: 1
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 0443a9dc-4194-45f8-8e89-ed394c1dc14f
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005%22%2C%22nxtrdr%22%3Afalse%7D
.33across.com/ Name: 33x_ps
Value: u%3D212088524569228%3As1%3D1677496357837%3Ats%3D1677496357837
.tapad.com/ Name: TapAd_TS
Value: 1677496357870
.tapad.com/ Name: TapAd_DID
Value: eb644950-4fc1-4c1e-9446-9a6dcaa5c51c
.adform.net/ Name: uid
Value: 1947652079613187324
.lijit.com/ Name: ljt_reader
Value: GOfACLZHW2bggVphS0qDYIgo
.doubleclick.net/ Name: IDE
Value: AHWqTUnX17e-n71s0qZzPkjb6_Ekx95XdIJSMAR0d3afPFDsfYqoGpRbKbxjUvJsUFU
.amazon-adsystem.com/ Name: ad-id
Value: A2AfMObSbEP4pjf6pAzT59I
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bluekai.com/ Name: bku
Value: ikG99YVxds1YstDF
.bluekai.com/ Name: bkpa
Value: KJyWyBNmQp9D9mY73j5q5QgeZXD/lukdq5NmC5/fhGi0wXNQDUhbFIDTEw6uIYob4CZmZ6O16tOVc29Pody6Vdzqdpp5IIByllhm6d4/IYLej/YcNEM4rLP44tNFDfFGF3T1Xect2lsI5xpyzc768ljQQaNfrHpSfLy9szzMT6ncAsSOLs7ZSmtaBPPBWcOD0A7jkajCnx+KG+3dN6koCx8gVMKzEaUq5zBNsP/3Q0Euu9JDfgSKlvfCZD/7Mz2eMD8ZFZ0t7+yrasC0JhmKHvq05HaxoJWWbsHg2ieJIg6vFJEWip0FD33u8itmDd1d9mfnPCR=
.bidswitch.net/ Name: tuuid
Value: 95399994-aff6-43ee-92ed-ddbfaedd92c3
.bidswitch.net/ Name: c
Value: 1677496357
.33across.com/ Name: check
Value: true
.3lift.com/ Name: tluid
Value: 2069069278710581256250
.quantserve.com/ Name: mc
Value: 63fc9025-ea910-61992-f2783
.media.net/ Name: visitor-id
Value: 3204979571524164000V10
.media.net/ Name: data-inf
Value: setstatuscode~~41
.intentiq.com/ Name: ASDT
Value: 0
.infolinks.com/ Name: TPLSERCOOKIE
Value: 2800704551102332073957
.infolinks.com/ Name: KADUSERCOOKIE
Value: 07070837-B4A5-4DBC-9184-35B09260FCDB~1677504133995
.bidswitch.net/ Name: tuuid_lu
Value: 1677496358
.dotomi.com/ Name: DotomiTest
Value: 7f00194e9dec06a3
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDI0tDQzMLYwMTI0E-Iz1A1OjCjyLitwiU_KywAAGNGpOSQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDI0tDQzMLYwMTI0E-Iz1A1OjCjyLitwiU_KywAAGNGpOSQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1slzmtoZm5uYmlmbGphYGwOAJoZNwUQAAAA
.infolinks.com/ Name: MNETUSERCOOKIE
Value: 3204979571524164000V10
.infolinks.com/ Name: QCUSERCOOKIE
Value: 5dz7sOrfr-b-ivzq4t-w5eLWpOH-ia_k69x_7oAn
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005%22%7D
.quantserve.com/ Name: d
Value: EGUBFAGyKP7KwQzs_hA
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: 4DttiO1g2cKjJjyTXxBw
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 969470211960384216
.infolinks.com/ Name: URUSERCOOKIE
Value: RX-f9c8a977-3eac-4520-9328-a23b4443e8b0-005
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: GOfACLZHW2bggVphS0qDYIgo
.mathtag.com/ Name: uuid
Value: 4ba863fc-9026-4f00-ba10-3f7d40998704
.infolinks.com/ Name: 33AUSERCOOKIE
Value: 212088524569228
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwMTlfMCZUWDNybFNCIzE1MzI0XzAmVFgzcmxPVg
.intentiq.com/ Name: IQPData
Value: 646215237#1677496358198#0#1677496357969
.infolinks.com/ Name: TAUSERCOOKIE
Value: eb644950-4fc1-4c1e-9446-9a6dcaa5c51c
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 07070837-B4A5-4DBC-9184-35B09260FCDB
.rubiconproject.com/ Name: khaos
Value: LEMQ0Q12-G-4PGH
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-aefe1d9d-5cb9-390d-b220-8eb7a3e11275
.infolinks.com/ Name: DISUSERCOOKIE
Value: ua-aefe1d9d-5cb9-390d-b220-8eb7a3e11275
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1403-2!1403
.rubiconproject.com/ Name: audit
Value: 1|Peh4fYwyXC6MGNeqw80XJcBeZVex1eBZY+CH50yseYg8fCYmOTvXg2jgshoy64tEhvcvBIvH8CDLv0ZnN1+t0Vm3DUAyuHnL
.linkedin.com/ Name: bcookie
Value: "v=2&965598c2-1e15-4a37-80e1-f65b22dbbc9d"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2859:u=1:x=1:i=1677496359:t=1677582759:v=2:sig=AQF_C4uYCPOwLmRjE07q5_4AxVNzN0d0"
.pubmatic.com/ Name: pi
Value: 156078:3
.bing.com/ Name: MUID
Value: 37DE24F61C8E6E260F8636331D306FB2
.c.bing.com/ Name: MR
Value: 0
.adnxs.com/ Name: anj
Value: dTM7k!M4.FD>6NRF']wIg2E?kcr#c_!]tbP6j2F-.o$Rg@Gn3HZ/F:JiS6br8O53SjC*mf2BSlh^Ndf-f$yzw4y-gSB_aH`?136S>a69g*qF1`*b^j_+@d($
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ2ZXJpem9ubWVkaWEiOnsidWlkIjoieS1QeUxjSG9kRTJ1RndWVlR2ZC50RFRMR1ZaNWlEanctLX5BIiwiZXhwaXJlcyI6IjIwMjMtMDUtMjhUMTE6MTI6MzlaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDItMjdUMTE6MTI6MzlaIn0=
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-yQJwAAATRbfgAF
.simpli.fi/ Name: suid
Value: 2F36A4DC47814133B9133D3750DF1F20
.doubleclick.net/ Name: DSID
Value: NO_DATA
.w55c.net/ Name: wfivefivec
Value: UJnLVlTO1PwBqT5
.uplynk.com/ Name: COMBOID
Value: "comboid=y-AMNfBrlE2uGlGBmpsYOk4aFkkBz9MmXQ~A|expires_at=1685272359"
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENU0Ui_GMfE_A761sz0EL6k&KRTB&22987-CAESENU0Ui_GMfE_A761sz0EL6k&KRTB&23025-CAESENU0Ui_GMfE_A761sz0EL6k&KRTB&23386-CAESENU0Ui_GMfE_A761sz0EL6k
.pubmatic.com/ Name: SyncRTB3
Value: 1678665600%3A220_21_13
.w55c.net/ Name: matchonemobile
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2F36A4DC47814133B9133D3750DF1F20
.pubmatic.com/ Name: PugT
Value: 1677496359
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: SPugT
Value: 1677496359
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI2oqik7KvzDsQBRIUCgV0YXBhZBILCKDVvZWyr8w7EAUSFgoHcnViaWNvbhILCNLC35qyr8w7EAUYASABKAIyCwjGvYvWyK_MOxAFOAFaBzhtMzN6azRgAg..
.mathtag.com/ Name: mt_mop
Value: 4:1677496360
.media.net/ Name: data-v
Value: {{APID}}~~1
.media.net/ Name: data-ttd
Value: 7b54b8b1-d6ce-4bfb-b906-4df2d9d9e31c~~1
.media.net/ Name: data-g
Value: CAESEI1FTLw3BJsh4OhcWpcsjZU~~6
.analytics.yahoo.com/ Name: IDSYNC
Value: "18xp~2a8b:190u~2a8b:18z8~2a8b:1776~2a8b:176k~2a8b:175v~2a8b:17my~2a8b:18zh~2a8b:18qt~2a8b:18yl~2a8b:18vj~2a8b:190j~2a8b:1769~2a8b:18xn~2a8b:17kh~2a8b:18xa~2a8b"
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2f564e62-a1d0-41c4-6aa6-65c2a202d791.egKRJWH7i4x%2BNDIr5O12seONdh91xBishbBTd43%2FDkE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AL1ZOYqHQQcRqpmXCogLXkSaEdkk.ctnolQy6vSt3NFAIcTGxfV9YP%2Bsnql6jxdMp18t6AQE
.teads.tv/ Name: tt_viewer
Value: 2c7bead5-5e8f-472a-92ff-60705e7bf7c8
.uuidksinc.net/ Name: jcsuuid
Value: X9cvYqiIJov7pYO4Eqsc
.csync.loopme.me/ Name: viewer_token
Value: b8579d86-bf52-40e5-877d-327e64f26f54
.media.net/ Name: data-lop
Value: b8579d86-bf52-40e5-877d-327e64f26f54~~1

7 Console Messages

Source Level URL
Text
security warning URL: https://resources.infolinks.com/js/1849.013-3.025/intag_incontent.js(Line 1172)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://resources.infolinks.com/js/1849.013-3.025/in_search.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
ap.lijit.com
api.intentiq.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
beap-bc.yahoo.com
c.bing.com
c1.adform.net
cdn-ima.33across.com
cdn.js7k.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
csi.gstatic.com
csync.loopme.me
cubdomain.com
de.tynt.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hblg.media.net
hde.tynt.com
i.ebayimg.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ir.ebaystatic.com
lexicon.33across.com
lg3.media.net
match.adsrvr.org
onetag-sys.com
onevideosync.uplynk.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prod-m-node-1213.ssp.yahoo.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
resources.infolinks.com
router.infolinks.com
rt3019.infolinks.com
s.amazon-adsystem.com
s.uuidksinc.net
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
service.idsync.analytics.yahoo.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync1.intentiq.com
t.clarity.ms
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
vjs.zencdn.net
warp.media.net
www.clarity.ms
www.cubdomain.com
www.ebay.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
csi.gstatic.com
resources.infolinks.com
rt3019.infolinks.com
tpc.googlesyndication.com
104.127.172.242
104.18.24.185
104.18.25.185
104.18.35.34
104.77.220.25
104.77.221.103
13.226.39.8
13.248.245.213
142.250.176.194
142.251.35.162
142.251.40.134
151.101.130.49
172.66.41.9
18.164.96.113
18.235.247.121
185.167.164.39
185.196.197.130
192.40.39.223
199.127.204.171
199.38.167.130
20.114.189.70
2001:4998:124:1407::d000
2001:4998:1c:800::1001
209.191.163.208
216.200.232.249
23.198.216.24
23.200.197.46
23.205.6.178
23.44.133.30
2600:1901:0:8344::
2600:1f18:4e9:5a01:b6b9:22a8:c0af:3d60
2600:9000:2510:b000:1b:6b7d:2300:93a1
2606:4700:20::681a:5b5
2606:4700::6810:3965
2606:4700::6811:190e
2606:ae80:1471:1a::1370
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:808::200e
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::200a
2607:f8b0:4006:817::2006
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2008
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::200a
2620:100:a001::1d
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:4e:1::40
2620:1ec:c11::200
2a00:1450:4010:c05::78
2a04:4e42:400::718
2a04:4e42::485
2a04:4e42::729
3.218.90.66
34.111.113.62
34.117.239.71
34.150.170.96
34.193.58.159
34.199.247.221
34.98.64.218
35.211.178.172
35.214.223.115
44.193.124.55
51.222.39.185
52.223.40.198
52.46.130.91
52.9.91.27
54.208.243.98
54.88.103.18
64.202.112.127
67.202.105.22
67.202.105.32
67.220.228.202
68.67.160.114
68.67.181.211
69.166.1.10
69.173.151.100
74.119.119.150
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
02d30af89e689b202bbe46caffa50312ba5ffd209dd2ced87de71f582eadb703
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e92eb0695ce794dbea7fc0d63260285bbf2d216ae5ec294068a1ab6f7560111
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
119157a999f125ea38bc5e30f47475455ec7edf4393acc30ab532d4a4f7bbde5
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
125920c62731ed3aaf1b7a3ee0d304ac5cab2d83381a012022bd207486460fb0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187616f8eb5502e776504cbb8117a768a15e38154007b6e22e5150a10191b9e6
18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966
19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9
1c7c57142dd7f57fe7bc81cd9efd19162bb668b2346a4eb7e85821e59833afb7
1c9d3caa3957f429c885951d1ddc50f270e93802b6f77b6e1cae9cb029e5e80b
1e9503b9419cb154bf2bc1b74c239523425098fbcc42e5da5be77e20a4289d3e
1f42b6c9dab0b73174621c0daba5d82d4f2d841fed05a3784952e660b13fb78b
21e0a0270ab26a8e101db6854997c80c58acc882ae46216732c247dd2ffb7761
250154aaeb73807135d81c49d02c5729d258ae19f7d22bc24ce017ccc0ee2893
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
314424498540c8a6be07bb2fa6c58b8fbfde7734374b52a1af8c48df8de654ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3510b5959b6ed6aa6365b408b73c1e941e37462e74cf21835582e15ee1a36331
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3870100cd42756d2731a2cc67f0e7ac14e9ca449caf10d4669259bffde8f50cf
3e61555a96ac4ab8ae4dea5f023e55baa382e08caea5342d95ac727fc73b65aa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
453ff51e85f2424386b5678071561a4ec69a2aaf84bb5078f95217af4b8db8de
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f159576b549002fa4592353877fb6a9352b68f55439d5ec88e54f6fe9e16a0
53e6457b5c17de96b796b245329fb9cc366ac189b5ae125ab7d2feefb6ea2033
54ec5d49fd3dbb498c6f9fb4746bb071d87b86ae802c77b238b3eace00999e14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
661712cc67306e9cf1b385985e9c3fb900acc13c34e23ee89fdaf9723206ae7a
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
7560742c44ea24b691ef049a0005069451550e1aaed824ad1099c47dbdeabc58
789c309db6cd9d6d31cbe19ae0adf1ceb07fc8b4f485f45bf3e444dd0de457ac
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7c877407826f69e8ce67c34e5d32f39660263412adade653ac0ab1214484517d
7ca69c8dc0ab18c0a31c2b04b837bc181aeb875a2f592fb1d48a1638c4358952
7cc86861c8349bf926ab5460a0cbd3ed9196006f30160a29e86f23061ab10fa7
7ec2a1a9f6170536cd113af787259b36aa15df7dcde243207ef0776d7842425f
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
83a31f37b9b9351056df11a97b569fd5a18d626f59ce41d820ed7a4f8c667d63
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
851058e3faaab0c3490ffe59ed8dde67d70c10debe5258f65dd5732b93009035
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8633cdb86cb5f6b014d374779d23d7b4b06f5d3d069a195b7bae97be190927bc
87668d5e2a485f0f503da6e87ae30b8ac218985583c7862035cb6bf1f190e90a
87a9bb2c0d13183c255aa63e939708206dc2a91d6f0dc97b5ee4a76a2aefd95b
8a3f18816535e8b889942eac6653aba5538ae7a9cc98881fa473b0ca4fc3d1e9
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d22ff0537126ca8a66a1dc27ed17f9e3901f275848f50461dff2e77e9fdd3d1
8e9ada2895b99605f44e4b301b8490ae5ae54646646411c5958daf428271f5f9
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
94dbc2b8c346e21c33acc3282ad347f68547a5c36db412853677a264389e63e9
954cfb54767ba49c2cc5f3e9cdfd5282d56e157a665334d00e10d1e6e9f8c8f1
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
976021ffdea6b4b2d2696bb52429baed6d49ff320bf3c38fbd07159107ca822c
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a04105cc96823158c335004dc7c4480f70424711517aa81cd753a29c2417279b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e2feb1c86511dd8ae06b0f37731b3b44bf0c601fefd78d3c88e41756d5ea1f
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b72ca4da1c91950c05d19d69b666b5bfb900212b7376b15d63d782f5ab6fa62b
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b8f75386721b668b52938947328666e296858840b17c05f9bca2994b72c1575b
ba6f2500c10df5ef58130163b914ccdc6432e05e4fc09523e273a796a75c5aab
bc9c4e8af7e8cd21e77fef4dc6e94a70e2344a30753ef52f1b155703cd435f77
bd7349aae312bc35faad727443a7f8203fc98603c8ee34acf5847bfe974e5252
bf8676faa0ff47dfbe6fbc792c2a06f37ea12d5176a2dbf35b404e8270d0e146
bfaa39ed033e1ffc75d6836a262e185c70c7b0a0154448a0e38aca11f0db7471
c17497c704b79b84614b5319952fd19919e6649b959ecff2eacb77283f348d5c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2c9388cd875c17ebd3b79f77dca87859903413cd01bc6fb746b6ee7e4167eaf
c341fb0279a57b07355442b158ab9aabadc74b573991db0c5f07c534d7172520
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff
c6f246a4b7046c8b5717872c7cb37e57f3db3e619e79bf1c8a4b07a557036211
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c8089495c7dd4f2030ed449649d4cc8271eda9e0566d11112d55cc22b7170316
c885ec1530556254f332ebcc5cdc91fc5972e010c676aeccfdc908ea1a3197b7
ca3816a017b006e27cd4fdcb77443bcf2a28079f79d1e76e9f6247ea5027726a
ca91149285e8b41f34a6ad7bd23ce45e905acd6d191e7582a77b65793cfa7136
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdef8ba28a5e3388b3badb8033a822d8ee556009f2a459eda35d548c53d8b0e6
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
d406c2499361ef01cef5ec8080cc790dc40b652a6d5c7bf8394ed4d181c27300
d4113df6a4b5fe797e44b461909177ba92ddaa8dff65d498e41e9b4ae1901465
d6aa46624952dfb4770ded49db06e2e6971ed23667d5d68b00ca4e52e2318f29
d6b9d8feb6346acdb05f81d57511a1c05142be2578de16319e2023ac35e078a1
d6f3c2b1b7d74f310fd8436933dee559687b0475979c2496bfc85f5530509de0
d6f40a6f78af38a98a64ac5f86f8c5e584960ebcbca8e7d26cd1af85fd61fbda
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e24f5c06a55071ace58890ae968f2437d29f0332718689b5e086e55db291c1
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dbf3c9f12e3bbaa1284086ff1fdd9de54a01c11e5276059d5f56c6233cc7b5a2
de1f922c82af83f464ccd6829ab99c2837edddafc3d107a7d1aae8629e6ffd53
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
df4bfd6c256cf83ea7eac1b74ecf751d3c58a24712c3f256ebd066c441faa338
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e05965fdb8bf7540aee38cc02360bd6379bdbc3f09e7150b477427b57d4d5fc5
e18bad4db691992d0a5204f30f895f8d4b740b7ea25893696876512f7d0c5363
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b
e52250e8324836d5c9182ee9946de5f2e4d43dc69bebf32c8eddb5dcc15275dd
e73f40619326967e092705365f3fa80dc873c49c44383ad8d1bb63ad576dbf19
ec66a405039002e4f5413d950cd5e484dc53855020ff2fe1245ef8a494516e7f
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f177e60e1b425e919f88c358779504e1cb33c2e67db079a9f184082b237a5b08
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f95c7de3e34bd5f528ccefd2c80f9d35767e10a96193dbd72e64c93e6b99681e
fae96988029dd427f9062a05c62749d14d8ec5a770a3007d951e4333a4a3f5ec
fc76673400a898b78026dbb1e2cadd1652416487841d44b354a22ff322639870
fda429d756b94c06bc7d1fb1dbf0db55c787d5fa9fe964337b7cfc182f994d78
fea59b05b79ae05d4e63bd254de222aa63437d978c1d49d9a0c1108d593b8931