shadowshopperss.jigsy.com Open in urlscan Pro
70.33.222.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shadowshopperss.jigsy.com/shadow-shoppers-application
Effective URL:
https://shadowshopperss.jigsy.com/shadow-shoppers-application
Submission Tags: falconsandbox
Submission: On August 30 via api (August 30th 2021, 7:07:57 pm UTC) from US

Summary HTTP 54 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 31 domains to perform 54 HTTP transactions. The main IP is 70.33.222.6, located in Vancouver, Canada and belongs to COGECO-PEER1, CA. The main domain is shadowshopperss.jigsy.com.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 22nd 2021. Valid for: a year.

This is the only time shadowshopperss.jigsy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	70.33.222.6 70.33.222.6	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	65.39.176.77 65.39.176.77	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
17	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	208.100.17.188 208.100.17.188	32748 (STEADFAST) (STEADFAST)
2 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 4	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.30.185.188 52.30.185.188	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	18.159.118.206 18.159.118.206	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.126 38.27.122.126	174 (COGENT-174) (COGENT-174)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
1 2	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
54	18

11 70.33.222.6 (Vancouver, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

shadowshopperss.jigsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.39.176.77 (Vancouver, Canada)

ASN13768 (COGECO-PEER1, CA)
PTR: bnidx.com

assets.bnidx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.22.3.144 (None, )

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.188 (United States)

ASN32748 (STEADFAST, US)
PTR: ip188.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.79 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.22 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.185.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-185-188.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.118.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-118-206.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.38 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	infolinks.com resources.infolinks.com router.infolinks.com	281 KB
11	jigsy.com 1 redirects shadowshopperss.jigsy.com	36 KB
8	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	9 KB
7	pubmatic.com 7 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	2 KB
5	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	cloudflare.com cdnjs.cloudflare.com	29 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	37 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	633 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	676 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
1	quantserve.com 1 redirects pixel.quantserve.com	511 B
1	33across.com ssc-cms.33across.com	89 B
1	rfihub.com 1 redirects p.rfihub.com	755 B
1	bnmla.com match.bnmla.com	114 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com 1 redirects sync.go.sonobi.com	724 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	823 B
1	tynt.com de.tynt.com	455 B
1	googleapis.com fonts.googleapis.com	1 KB
1	bnidx.com assets.bnidx.com	2 KB
1	jquery.com code.jquery.com	30 KB
54	31

	Domain	Requested by
14	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
11	shadowshopperss.jigsy.com	1 redirects shadowshopperss.jigsy.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	5 redirects
4	ib.adnxs.com	4 redirects
4	image8.pubmatic.com	4 redirects
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ups.analytics.yahoo.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	resources.infolinks.com	shadowshopperss.jigsy.com resources.infolinks.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	shadowshopperss.jigsy.com
3	maxcdn.bootstrapcdn.com	shadowshopperss.jigsy.com
2	sync-tm.everesttech.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
1	pixel.quantserve.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	fonts.googleapis.com	shadowshopperss.jigsy.com
1	assets.bnidx.com	shadowshopperss.jigsy.com
1	code.jquery.com	shadowshopperss.jigsy.com
54	36

This site contains links to these domains. Also see Links.

Domain
jigsy.com

Subject Issuer	Validity	Valid
*.jigsy.com Sectigo ECC Domain Validation Secure Server CA	`2021-04-22` - `2022-05-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.bnidx.com Sectigo ECC Domain Validation Secure Server CA	`2021-04-16` - `2022-05-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Frame ID: EEB5F544978EB2044C58664AC81823EA
Requests: 26 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Frame ID: 1CDD058B74AD5F7E501DDE35AC62916D
Requests: 16 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: FE1B1B0DB446DDC0E554C0AFD19A3E80
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 49ADEA2329D3A62F0F1523C4FA2CB6A5
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: FB7AC12A21C271E517E26867CCC335FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Easy Website Builder, it's free! Jigsy.com

Page URL History Show full URLs

http://shadowshopperss.jigsy.com/shadow-shoppers-application HTTP 301
https://shadowshopperss.jigsy.com/shadow-shoppers-application Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

XRegExp (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /xregexp.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

100 %
HTTPS

18 %
IPv6

31
Domains

36
Subdomains

18
IPs

7
Countries

470 kB
Transfer

1366 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://jigsy.com/
Title:

Search URL Search Domain Scan URL

URL: https://jigsy.com/account/signup
Title: sign up

Search URL Search Domain Scan URL

URL: http://jigsy.com/about/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://jigsy.com/about/tos
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shadowshopperss.jigsy.com/shadow-shoppers-application HTTP 301
https://shadowshopperss.jigsy.com/shadow-shoppers-application Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 29

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTZGRDJBNEYtOEQ1NS00MENCLTlBNTgtMDNDREE5RDlDNjE0&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTZGRDJBNEYtOEQ1NS00MENCLTlBNTgtMDNDREE5RDlDNjE0&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D56FD2A4F-8D55-40CB-9A58-03CDA9D9C614 HTTP 302
https://router.infolinks.com/dyn/pbm-usync?uid=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614

Request Chain 30

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=827318601784124744

Request Chain 31

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-1zfJavxE2uFkpcjNftYYdXPk0tug2FHMel6reLs-~A

Request Chain 32

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4776027380 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4776027380 HTTP 302
https://sync.1rx.io/usersync/tradedesk/167d68cb-23df-49ad-a11c-85abf7dbe805 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8944cf27-7c17-4aa7-bded-da440ede803b-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8944cf27-7c17-4aa7-bded-da440ede803b-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-8944cf27-7c17-4aa7-bded-da440ede803b-003

Request Chain 33

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 34

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP 302
https://router.infolinks.com/dyn/sonobi-usync?uid=0ba2fc23-008e-4289-a1e2-d997af90e32e

Request Chain 35

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fshadowshopperss.jigsy.com%252Fshadow-shoppers-application&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fshadowshopperss.jigsy.com%25252Fshadow-shoppers-application%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=1115098312079819609

Request Chain 37

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8bc0fa99-09c5-11ec-b90e-0633f6730210 HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-0Ey6kqBE2uGnTn6NOn5aRe0DiDS5N1OI~A~UP8bc0fa99-09c5-11ec-b90e-0633f6730210

Request Chain 39

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=1acef2b8339323cf5d1f00a2

Request Chain 40

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D56FD2A4F-8D55-40CB-9A58-03CDA9D9C614 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614

Request Chain 42

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1871597497848871625

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDvOh1NBDxc6O3Ng6njSidc&google_cver=1

Request Chain 46

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS0sewXmhoCcj1A0YqqpXAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGQIBsRH74WkHQQdwp_0C0k&google_cver=1

Request Chain 47

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&dcc=t

Request Chain 48

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1115098312079819609

Request Chain 49

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YS0sfAAEDfIELwBg HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS0sfAAEDfIELwBg&_test=YS0sfAAEDfIELwBg

Request Chain 50

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=FZzosxHO7bQOnb-1Epj37xWa7-EOybyyFp1ZM-x-

Request Chain 51

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836368601865497966&uid=Q6836368601865497966&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request shadow-shoppers-application Show response
shadowshopperss.jigsy.com/
Redirect Chain

http://shadowshopperss.jigsy.com/shadow-shoppers-application
https://shadowshopperss.jigsy.com/shadow-shoppers-application

4 KB
5 KB

583ms
215ms

Document
text/html

70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 08265cf948324268750ece35a32a6236ce3437257a6a4b2eb3f2f645fad9937f

Request headers

:method: GET
:authority: shadowshopperss.jigsy.com
:scheme: https
:path: /shadow-shoppers-application
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
cache-control: no-cache
x-request-id: a9535e0e26375df520dcdc872288a8ca
x-ua-compatible: IE=Edge
x-runtime: 0.028443
x-rack-cache: miss
x-powered-by: Phusion Passenger 6.0.4
status: 404 Not Found
content-type: text/html; charset=utf-8

Redirect headers

Content-length: 0
Location: https://shadowshopperss.jigsy.com/shadow-shoppers-application

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 25ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 581676
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 203451c6c050184245ebe231729b4b5c
cf-ray: 68704d9c9b854e49-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 23ms
20ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 2243092
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 68704d9c9b894e49-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/css/ 6 KB
2 KB 17ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/css/bootstrap-select.min.css

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2060451
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1315
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-19ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgdvSTAZMgv8U3zuwicA%2BZl%2Blv1u%2Bcerv%2Bo5J%2BcQHDBEKSrre8p8lCBJYOGiwz1GYIQpWC4bUJtGL%2BE5w%2Bjfit7U2UZqQfPG5dlBNxvAth5HpeGA6dA6VkLAjXXtxnuPm6quXuVRbbf8r3GUy2wr0wvc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68704d9c9dd24345-FRA
expires: Sat, 20 Aug 2022 19:07:38 GMT

GET
H2 200 style-1b7c0e119bc58347e850590d5f2f6fd3.css
shadowshopperss.jigsy.com/assets/responsive/ 9 KB
10 KB 201ms
198ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/style-1b7c0e119bc58347e850590d5f2f6fd3.css
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 37dcad0aea3a8073c2a28d1e2f2f5ce73a033ee61c9c961adf056d5fdf9bf5a0

Request headers

:path: /assets/responsive/style-1b7c0e119bc58347e850590d5f2f6fd3.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.003749
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: 23ddcdea5b46777aeb49678ccc9281f7dab07c82
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 745cf2a3ba654f006dbe263ab7fcbe33
content-length: 9444
etag: "1b7c0e119bc58347e850590d5f2f6fd3"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 helper-classes-7f703c796690e15e41571acefd4feed6.css
shadowshopperss.jigsy.com/assets/responsive/ 166 B
612 B 200ms
196ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/helper-classes-7f703c796690e15e41571acefd4feed6.css
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 54829ef6edbc5fb8f6bd00c6e4f677b1093943e47d9d2528e25fbd08533f83e7

Request headers

:path: /assets/responsive/helper-classes-7f703c796690e15e41571acefd4feed6.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.003486
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: f4a7c3ef80123f6b5ea85b03de7e1020999de185
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: c0aeeea20bea3567021fc77f9092c7ad
content-length: 166
etag: "7f703c796690e15e41571acefd4feed6"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy-f762e135464f4d07cbaa221229fb49a6.css
shadowshopperss.jigsy.com/assets/responsive/ 3 KB
3 KB 199ms
196ms Stylesheet
text/css 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 477a95228c963cad1c13967a9b3eee0db6f9813cbc3c9a0aa13d00a46e472853

Request headers

:path: /assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.003092
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: e8ecde58886faae00e94437dce0d2c83e1aa61af
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: text/css
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: a3672b596fa2845d74807c5b3da32c85
content-length: 3106
etag: "f762e135464f4d07cbaa221229fb49a6"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 30ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1630350458.dop239.fr8.t,1630350458.cds272.fr8.hc,1630350458.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 21ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 13903688
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3033c5b7ea34684b20a8f4234fea378f
cf-ray: 68704d9c9b914e49-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-select.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/ 33 KB
9 KB 18ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/bootstrap-select.min.js

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2084457
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8703
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-8263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fct%2FTAjDEU%2FK1SYycZmj6nhEkwWzix1ES5bnz9%2FozzwlA3cbcjDw4afq%2BvgrzROa1s0drT%2F5c5ZxYgypEecwMU6vtGp9oE6Qgc9S2IZ3ePp8DgVehYlPY755XyRP3WcCvmbd2v3Mt3NKbtcbrC6XAEKL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68704d9c9dda4345-FRA
expires: Sat, 20 Aug 2022 19:07:38 GMT

GET
H2 200 xregexp-all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/xregexp/3.2.0/ 78 KB
19 KB 16ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/xregexp/3.2.0/xregexp-all.min.js

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16451935f2c828efe085e9e3419bf041c99f38143e720bcec92780379198369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8292777
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18708
cf-request-id: 0a4bc51883000018e583aed000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:57 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04035-13844"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pUzlWLZjfNg3Ta%2FQJO48k7%2Fq9bDd1y93a8iOjoeLVS4CLPiP1ewkEsrmRouCXACq3JuhkCmuPBjiqJmzJQ%2BcR%2FnQ9D6R8wQfjuWmACgGTFRQqL8YFDeZfhc7Ah5845bxgYfxw%2F%2BDf5cz10%2F%2BFGx7aD8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68704d9c9ddb4345-FRA
expires: Sat, 20 Aug 2022 19:07:38 GMT

GET
H2 200 jigsy-ae828f57d7e73ce8be0baab9815bf39d.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 2 KB
2 KB 195ms
193ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy-ae828f57d7e73ce8be0baab9815bf39d.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 1d3cc74bdade25c9fd2992964780f06539ea7bf07d03b4da7d0d76afb9b016e9

Request headers

:path: /assets/responsive/jigsy-ae828f57d7e73ce8be0baab9815bf39d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.003711
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: 57cafd7253f2589b7edeea98ff28d3e2513b29fd
last-modified: Wed, 21 Jul 2021 18:27:00 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 4254d53a2402dab5fce5a4410e38b245
content-length: 1596
etag: "ae828f57d7e73ce8be0baab9815bf39d"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 165 B
625 B 198ms
195ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 7b6af6361d1836d3d5864f9a8e42e5201f432a518ff7a73fed6e64af10daeee9

Request headers

:path: /assets/responsive/jigsy.countdown-eb7237748346a9b56ca02c5ca99d335b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.003775
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: 5013b6f831ab2693830c852cdd95becba3932508
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: ca4e2f761af7154924085c00e43b011b
content-length: 165
etag: "eb7237748346a9b56ca02c5ca99d335b"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 462 B
922 B 368ms
365ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 359836ef917e6a8d43dadfe1a427808c18656f6df8290b4010e2439b43a440b4

Request headers

:path: /assets/responsive/jigsy.extensions-dd3b6a9aecc8ca06dd6386af6b3293cf.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.004255
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: 108bde0280e7cd09ab021606962d45f4e46b551f
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: bdbe19408a7ad6fae91de8fc224d617d
content-length: 462
etag: "dd3b6a9aecc8ca06dd6386af6b3293cf"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js Show response
shadowshopperss.jigsy.com/assets/responsive/ 381 B
841 B 367ms
365ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: 034267c82673796f2f6fe56a3ef4230b47ddae481fd0d4bdd7a7038a1b332648

Request headers

:path: /assets/responsive/jigsy.ajaxForms-b02294cb797aa3c7d5e870687ce759c8.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.004943
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: e6d0302d8fdfbd9dc6ff99f71976697ec1687440
last-modified: Tue, 08 Jun 2021 19:31:48 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 33da45a44ed43d20c108591786470bd3
content-length: 381
etag: "b02294cb797aa3c7d5e870687ce759c8"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js Show response
shadowshopperss.jigsy.com/assets/ 7 KB
8 KB 197ms
195ms Script
application/javascript 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowshopperss.jigsy.com/assets/jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 / Phusion Passenger 6.0.4
Resource Hash: b34c0a3651292fe7652a929be7b36f17fcf40d1f0150a01989e0707527d489b2

Request headers

:path: /assets/jquery_ujs-f73e1bd169fae2ec00e76eb32d636a9a.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-runtime: 0.003482
date: Mon, 30 Aug 2021 19:07:38 GMT
x-content-digest: 4e652faa2f2f3b8fafd800dccf62aca27212fc98
last-modified: Sat, 17 Apr 2021 06:36:56 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
age: 0
x-powered-by: Phusion Passenger 6.0.4
content-type: application/javascript
status: 200 OK
cache-control: public, max-age=31536000
x-request-id: 1d6ae256a01507a1ede4218812e5df50
content-length: 7523
etag: "f73e1bd169fae2ec00e76eb32d636a9a"
x-rack-cache: miss, store
x-ua-compatible: IE=Edge

GET
H2 200 logo.png
shadowshopperss.jigsy.com/images/jigsy/ 5 KB
5 KB 184ms
184ms Image
image/png 70.33.222.6
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowshopperss.jigsy.com/images/jigsy/logo.png
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 70.33.222.6 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4 /
Resource Hash: d40000464c06127197135256da45cc0a3a2abda2e34b5d53a0e937c3bd23330f

Request headers

:path: /images/jigsy/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowshopperss.jigsy.com
referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:38 GMT
last-modified: Wed, 18 Aug 2021 19:37:42 GMT
server: Apache/2.4.37 (AlmaLinux) Phusion_Passenger/6.0.4
accept-ranges: bytes
etag: "1322-5c9da9156ed80"
content-length: 4898
content-type: image/png

GET
H2 200 loader.js Show response
assets.bnidx.com/jigsy/js/ 930 B
2 KB 710ms
342ms Script
text/html 65.39.176.77
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bnidx.com/jigsy/js/loader.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.39.176.77 Vancouver, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: bnidx.com
Software: Apache / PHP/7.2.24
Resource Hash: 2740dc691aeb3add71f54034b04fa4adf6f2b544940298d3bf215a62e88da4b8

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:39 GMT
cache-control: no-cache, private
server: Apache
x-powered-by: PHP/7.2.24
content-length: 930
content-type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/assets/responsive/jigsy-f762e135464f4d07cbaa221229fb49a6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aabe0a1289af95490826f7c9d04dcdb59736ec069a6c794a82e4f808c69ea70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 18:43:57 GMT
server: ESF
date: Mon, 30 Aug 2021 19:07:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Aug 2021 19:07:38 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowshopperss.jigsy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:52:43 GMT
x-content-type-options: nosniff
age: 209695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 08:52:43 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowshopperss.jigsy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 06:55:21 GMT
x-content-type-options: nosniff
age: 303137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 06:55:21 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowshopperss.jigsy.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 14:28:00 GMT
x-content-type-options: nosniff
age: 535178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 14:28:00 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 59ms
23ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b68afc3215b363d1f586226434ca0412996364874b7669796b95d30f1878f198

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68704da3ada70215-ZRH
date: Mon, 30 Aug 2021 19:07:39 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 30 Aug 2021 07:44:36 GMT
server: cloudflare
age: 12173
etag: W/"d40-5cac20135d64e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 30 Aug 2021 16:44:46 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1755.008-3.025/ 588 KB
188 KB 25ms
25ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Requested by: Host: shadowshopperss.jigsy.com
URL: https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44af7fb57e8a9bb73f53a09e86f4868147a1fe66f704021ad6d31a653a9af371

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68704da3cdd80215-ZRH
date: Mon, 30 Aug 2021 19:07:39 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 11:01:07 GMT
server: cloudflare
age: 13105
etag: W/"93152-5ca37ef1ad464"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 29 Sep 2021 15:29:14 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.025/ 279 KB
86 KB 31ms
31ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68704da47ec20215-ZRH
date: Mon, 30 Aug 2021 19:07:39 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:40:59 GMT
server: cloudflare
age: 8565
etag: W/"45adc-5c5f8851c3ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 29 Sep 2021 16:44:54 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 1CDD 8 KB
2 KB 262ms
261ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd22c9e3902850da7d9a5b30959e8e4dddcd5382b6b140c66d4877bce73055a

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shadowshopperss.jigsy.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://shadowshopperss.jigsy.com/

Response headers

date: Mon, 30 Aug 2021 19:07:39 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68704da49eec0215-ZRH
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
52 B 182ms
182ms Script
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadowshopperss.jigsy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 68704da49ef50215-ZRH
content-length: 0

GET
H2 200 / Show response
de.tynt.com/deb/ Frame FE1B 75 B
455 B 370ms
120ms Document
text/html 208.100.17.188
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.188 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip188.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: uid=UC3EKWEtLHxgIb0kKiqG3A==;Version=1;Comment=;SameSite=None;Domain=tynt.com;Path=/;Max-Age=31536000;Secure
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 30 Aug 2021 19:07:39 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 49AD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

43ms
43ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ea2ade95c3bbba393d7f05e5ae311971ff5883436fabdab8af4ef52f8b36326e

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YS0sewXmhoCcj1A0YqqpXAAA; CMPS=3200
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|45|241|46|88|81|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1748
Expires: Mon, 30 Aug 2021 19:07:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Connection: keep-alive
Set-Cookie: CMID=YS0sewXmhoCcj1A0YqqpXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Aug 2022 19:07:40 GMT CMPS=3200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Nov 2021 19:07:40 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Nov 2021 19:07:40 GMT CMRUM3=58612d2c7c05a0&f1612d2c7c05a0&1f612d2c7c05a00&51612d2c7c05a0&2e612d2c7c05a0&27612d2c7c0b40&2d612d2c7c05a0&e6612d2c7c2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Aug 2022 19:07:40 GMT CMST=YS0sfGEtLHwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 19:07:40 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 30 Aug 2021 19:07:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:39 GMT
Connection: keep-alive
Set-Cookie: CMID=YS0sewXmhoCcj1A0YqqpXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Aug 2022 19:07:39 GMT CMPS=3200;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 28 Nov 2021 19:07:39 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame FB7A 2 KB
823 B 71ms
21ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

pbm-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTZGRDJBNEYtOEQ1NS00MENCLTlBNTgtMDNDREE5RDlDNjE0&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTZGRDJBNEYtOEQ1NS00MENCLTlBNTgtMDNDREE5RDlDNjE0&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
https://router.infolinks.com/dyn/pbm-usync?uid=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614

0
255 B

188ms
188ms

Image
text/html

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/pbm-usync?uid=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, private
cf-ray: 68704da9fd6d0215-ZRH
content-length: 0
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

location: https://router.infolinks.com/dyn/pbm-usync?uid=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
date: Mon, 30 Aug 2021 19:07:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=827318601784124744

35 B
187 B

190ms
190ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=827318601784124744
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da6e9730215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:39 GMT
X-Proxy-Origin: 185.156.175.110; 185.156.175.110; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bdad2568-9cdd-4664-81a4-35ed182a9541
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=827318601784124744
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-1zfJavxE2uFkpcjNftYYdXPk0tug2FHMel6reLs-~A

35 B
209 B

182ms
182ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-1zfJavxE2uFkpcjNftYYdXPk0tug2FHMel6reLs-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da709980215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Date: Mon, 30 Aug 2021 19:07:39 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-1zfJavxE2uFkpcjNftYYdXPk0tug2FHMel6reLs-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4776027380
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4776027380
https://sync.1rx.io/usersync/tradedesk/167d68cb-23df-49ad-a11c-85abf7dbe805
https://sync.targeting.unrulymedia.com/csync/RX-8944cf27-7c17-4aa7-bded-da440ede803b-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8944cf27-7c17-4aa7-bded-da440ede803b-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-8944cf27-7c17-4aa7-bded-da440ede803b-003

35 B
205 B

160ms
159ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-8944cf27-7c17-4aa7-bded-da440ede803b-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da94ca10215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-8944cf27-7c17-4aa7-bded-da440ede803b-003
date: Mon, 30 Aug 2021 19:07:40 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8944cf277c174aa7bdedda440ede803b003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
178 B

247ms
244ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da90c5c0215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H2

200

sonobi-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
https://router.infolinks.com/dyn/sonobi-usync?uid=0ba2fc23-008e-4289-a1e2-d997af90e32e

35 B
293 B

156ms
156ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sonobi-usync?uid=0ba2fc23-008e-4289-a1e2-d997af90e32e
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da7098d0215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:39 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=0ba2fc23-008e-4289-a1e2-d997af90e32e
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 1CDD
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fshadowshopperss.jigsy.com%252Fshadow-shoppers-application&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fshadowshopperss.jigsy.com%25252Fshadow-shoppers-application%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=1115098312079819609

95 B
945 B

181ms
61ms

Image
image/png

52.30.185.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=1115098312079819609

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.185.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-185-188.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 30 Aug 2021 19:07:40 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 30 Aug 2021 19:07:40 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
X-Proxy-Origin: 185.156.175.110; 185.156.175.110; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a0629829-e4a4-41a8-843f-3348553f256b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2Fshadowshopperss.jigsy.com%2Fshadow-shoppers-application&pid=12306&adnxs_uid=1115098312079819609
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 1CDD 42 B
233 B 324ms
103ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP8bc0fa99-09c5-11ec-b90e-0633f6730210
https://router.infolinks.com/dyn/outh-usync?uid=y-0Ey6kqBE2uGnTn6NOn5aRe0DiDS5N1OI~A~UP8bc0fa99-09c5-11ec-b90e-0633f6730210

35 B
234 B

196ms
195ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-0Ey6kqBE2uGnTn6NOn5aRe0DiDS5N1OI~A~UP8bc0fa99-09c5-11ec-b90e-0633f6730210
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da739cc0215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-0Ey6kqBE2uGnTn6NOn5aRe0DiDS5N1OI~A~UP8bc0fa99-09c5-11ec-b90e-0633f6730210
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 1CDD 0
114 B 358ms
112ms Image
text/plain 38.27.122.126
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=1acef2b8339323cf5d1f00a2

35 B
193 B

188ms
188ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=1acef2b8339323cf5d1f00a2
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da97cd60215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=1acef2b8339323cf5d1f00a2
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
https://router.infolinks.com/dyn/usersync?pmuservalue=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614

0
157 B

218ms
217ms

Image
text/plain

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 68704da9fd6c0215-ZRH
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
date: Mon, 30 Aug 2021 19:07:38 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 1CDD 0
35 B 156ms
156ms Image
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 68704da81b0b0215-ZRH
content-length: 0

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 1CDD
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1871597497848871625

35 B
188 B

251ms
251ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1871597497848871625
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da97cea0215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1871597497848871625
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 1CDD 0
89 B 375ms
119ms Image
text/plain 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3235947&wsid=0&pdom=shadowshopperss.jigsy.com&purl=https://shadowshopperss.jigsy.com/shadow-shoppers-application
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: 33XP005 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-33x-status: 200000000000000002020008
date: Mon, 30 Aug 2021 19:07:39 GMT
server: 33XP005

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 49AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDvOh1NBDxc6O3Ng6njSidc&google_cver=1

43 B
315 B

49ms
48ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDvOh1NBDxc6O3Ng6njSidc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 30 Aug 2021 19:07:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDvOh1NBDxc6O3Ng6njSidc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 49AD 70 B
265 B 81ms
44ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 49AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS0sewXmhoCcj1A0YqqpXAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGQIBsRH74WkHQQdwp_0C0k&google_cver=1

43 B
1000 B

40ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGQIBsRH74WkHQQdwp_0C0k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 19:07:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGQIBsRH74WkHQQdwp_0C0k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 49AD
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&dcc=t

43 B
932 B

134ms
133ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GCK22MC296NXEBR6ZJSB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D05GW7E8NXD9YVYQG16B
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YS0sewXmhoCcj1A0YqqpXAAABGcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 49AD
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1115098312079819609

43 B
992 B

94ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1115098312079819609
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 19:07:40 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
X-Proxy-Origin: 185.156.175.110; 185.156.175.110; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1d66c1c6-7378-4386-842b-2954ad95e2b6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1115098312079819609
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 49AD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YS0sfAAEDfIELwBg
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS0sfAAEDfIELwBg&_test=YS0sfAAEDfIELwBg

43 B
1016 B

337ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS0sfAAEDfIELwBg&_test=YS0sfAAEDfIELwBg
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 19:07:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630350460.225717,VS0,VE0
x-served-by: cache-fra19158-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS0sfAAEDfIELwBg&_test=YS0sfAAEDfIELwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 49AD
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=FZzosxHO7bQOnb-1Epj37xWa7-EOybyyFp1ZM-x-

43 B
1013 B

104ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=FZzosxHO7bQOnb-1Epj37xWa7-EOybyyFp1ZM-x-
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 30 Aug 2021 19:07:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=FZzosxHO7bQOnb-1Epj37xWa7-EOybyyFp1ZM-x-
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 49AD
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836368601865497966&uid=Q6836368601865497966&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

32ms
31ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 30 Aug 2021 19:07:40 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame 49AD 35 B
196 B 172ms
171ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YS0sewXmhoCcj1A0YqqpXAAA%261127
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Aug 2021 19:07:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 68704da749de0215-ZRH
content-length: 35
expires: Sun, 30 Aug 2020 19:07:40 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infolinks.com/	1970-01-19 20:53:56	Name: KADUSERCOOKIE Value: 56FD2A4F-8D55-40CB-9A58-03CDA9D9C614~1630350547013
.infolinks.com/	1970-01-19 20:53:56	Name: PUBMUSERCOOKIE Value: 56FD2A4F-8D55-40CB-9A58-03CDA9D9C614
.infolinks.com/	1970-01-19 20:53:56	Name: ZTUSERCOOKIE Value: 1871597497848871625

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js(Line 1) Message: Failed to log to loggly because of this exception: TypeError: Converting circular structure to JSON --> starting at object with constructor 'Window' --- property 'window' closes the circle
console-api	log	URL: https://resources.infolinks.com/js/1755.008-3.025/ice.js(Line 1) Message: Failed log data: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.lijit.com
assets.bnidx.com
b1sync.zemanta.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
match.adsrvr.org
match.bnmla.com
maxcdn.bootstrapcdn.com
onetag-sys.com
p.rfihub.com
pixel.advertising.com
pixel.quantserve.com
px.owneriq.net
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
secure.adnxs.com
shadowshopperss.jigsy.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
ups.analytics.yahoo.com
104.111.242.53
104.22.3.144
142.250.185.226
151.101.14.49
174.137.133.49
178.162.133.149
18.159.118.206
185.64.189.114
185.64.190.79
185.64.190.80
193.0.160.128
2.18.234.21
2001:4de0:ac18::1:a:3b
208.100.17.188
209.54.177.54
213.19.147.44
213.19.147.45
2606:4700::6810:135e
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:802::2003
2a00:1450:4001:813::200a
3.126.56.137
37.252.172.38
37.252.173.22
38.27.122.126
51.89.9.254
52.30.185.188
65.39.176.77
67.202.110.21
70.33.222.6
70.42.32.127
72.251.249.14
76.223.111.131
034267c82673796f2f6fe56a3ef4230b47ddae481fd0d4bdd7a7038a1b332648
08265cf948324268750ece35a32a6236ce3437257a6a4b2eb3f2f645fad9937f
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1d3cc74bdade25c9fd2992964780f06539ea7bf07d03b4da7d0d76afb9b016e9
2740dc691aeb3add71f54034b04fa4adf6f2b544940298d3bf215a62e88da4b8
359836ef917e6a8d43dadfe1a427808c18656f6df8290b4010e2439b43a440b4
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37dcad0aea3a8073c2a28d1e2f2f5ce73a033ee61c9c961adf056d5fdf9bf5a0
44af7fb57e8a9bb73f53a09e86f4868147a1fe66f704021ad6d31a653a9af371
477a95228c963cad1c13967a9b3eee0db6f9813cbc3c9a0aa13d00a46e472853
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54829ef6edbc5fb8f6bd00c6e4f677b1093943e47d9d2528e25fbd08533f83e7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b6af6361d1836d3d5864f9a8e42e5201f432a518ff7a73fed6e64af10daeee9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
aabe0a1289af95490826f7c9d04dcdb59736ec069a6c794a82e4f808c69ea70e
acd22c9e3902850da7d9a5b30959e8e4dddcd5382b6b140c66d4877bce73055a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16451935f2c828efe085e9e3419bf041c99f38143e720bcec92780379198369
b34c0a3651292fe7652a929be7b36f17fcf40d1f0150a01989e0707527d489b2
b68afc3215b363d1f586226434ca0412996364874b7669796b95d30f1878f198
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
d40000464c06127197135256da45cc0a3a2abda2e34b5d53a0e937c3bd23330f
d7d277ad3ded41d89d82daaa750df136efbe19dec4a0ffda83fd31d651e2d316
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2ade95c3bbba393d7f05e5ae311971ff5883436fabdab8af4ef52f8b36326e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
feeb377a08b6715a7498491547c727a8bb2e0d8e819ab0eebd33d4b84af51c94

shadowshopperss.jigsy.com Open in urlscan Pro 70.33.222.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

18 %IPv6

31 Domains

36 Subdomains

18 IPs

7 Countries

470 kBTransfer

1366 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shadowshopperss.jigsy.com Open in urlscan Pro
70.33.222.6 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

18 %
IPv6

31
Domains

36
Subdomains

18
IPs

7
Countries

470 kB
Transfer

1366 kB
Size

3
Cookies

54 HTTP transactions
0 data transactions