URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Submission: On December 03 via manual from GB

Summary

This website contacted 23 IPs in 8 countries across 20 domains to perform 45 HTTP transactions. The main IP is 2600:9000:20eb:8800:18:9c2c:95c0:93a1, which is located in the United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is cdn.adnw.xyz.
This is the only time cdn.adnw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2600:9000:20e... 16509 (AMAZON-02)
3 143.204.101.27 16509 (AMAZON-02)
3 202.39.224.68 3462 (HINET Dat...)
2 23.37.60.199 16625 (AKAMAI-AS)
8 202.39.143.233 3462 (HINET Dat...)
1 34.95.67.231 15169 (GOOGLE)
3 178.250.2.130 44788 (ASN-CRITE...)
3 35.186.230.197 15169 (GOOGLE)
4 4 35.227.249.156 15169 (GOOGLE)
1 35.201.76.93 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
1 185.33.223.197 29990 (ASN-APPNEXUS)
1 178.250.0.165 44788 (ASN-CRITE...)
1 119.81.183.194 36351 (SOFTLAYER)
1 35.244.167.129 15169 (GOOGLE)
1 103.132.192.30 138552 (RTBHOUSE-...)
3 151.101.14.109 54113 (FASTLY)
1 3 162.210.196.208 30633 (LEASEWEB-...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 216.58.210.2 15169 (GOOGLE)
1 54.186.138.202 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
45 23
Domain Requested by
8 cdncf-hinetwork.cdn.hinet.net cdn.doublemax.net
ad.doublemax.net
cdn.adnw.xyz
3 cdn.jsdelivr.net cdn.adnw.xyz
3 mt.doublemax.net 3 redirects
3 ad.doublemax.net cdn.doublemax.net
cdn.adnw.xyz
cdncf-hinetwork.cdn.hinet.net
3 static.criteo.net cdn.doublemax.net
cdn.adnw.xyz
3 t.ssp.hinet.net cdn.doublemax.net
t.ssp.hinet.net
cdn.adnw.xyz
2 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 pagead2.googlesyndication.com cdn.aralego.net
pagead2.googlesyndication.com
2 cm.g.doubleclick.net 2 redirects
2 cdn.aralego.net cdn.adnw.xyz
cdn.aralego.net
2 static-tagr.gd1.mookie1.com cdn.doublemax.net
2 cdn.doublemax.net cdn.adnw.xyz
cdn.doublemax.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 adx.doublemax.net pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 sync.aralego.com cdn.adnw.xyz
1 ads.aralego.com cdn.aralego.net
1 dmp.eland-tech.com cdn.jsdelivr.net
1 m.doublemax.net 1 redirects
1 agent.aralego.com 1 redirects
1 prebid-asia.creativecdn.com cdncf-hinetwork.cdn.hinet.net
1 ad2.apx.appier.net cdncf-hinetwork.cdn.hinet.net
1 as.innity.com cdncf-hinetwork.cdn.hinet.net
1 bidder.criteo.com static.criteo.net
1 ib.adnxs.com static-tagr.gd1.mookie1.com
1 tw-gmtdmp.mookie1.com cdn.adnw.xyz
1 c.holmesmind.com cdn.adnw.xyz
1 fcm.doublemax.net cdn.doublemax.net
1 cdn.adnw.xyz
45 30

This site contains no links.

Subject | Issuer | Validity | Valid
*.ssp.hinet.net | | 2017-11-29 - 2020-11-29 | 3 years
static-tagr.gd1.mookie1.com | DigiCert SHA2 Secure Server CA | 2019-01-29 - 2020-01-30 | a year
*.cdn.hinet.net | | 2019-05-10 - 2021-08-11 | 2 years
*.doublemax.net | Go Daddy Secure Certificate Authority - G2 | 2019-05-07 - 2020-06-24 | a year
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2019-07-17 - 2020-07-17 | a year
*.criteo.com | DigiCert ECC Secure Server CA | 2019-03-28 - 2020-04-01 | a year
*.innity.com | AlphaSSL CA - SHA256 - G2 | 2018-11-15 - 2020-11-15 | 2 years
adnw.xyz | COMODO RSA Domain Validation Secure Server CA | 2017-04-23 - 2020-04-22 | 3 years
*.creativecdn.com | RapidSSL RSA CA 2018 | 2019-01-11 - 2021-04-11 | 2 years
*.criteo.net | DigiCert ECC Secure Server CA | 2019-03-26 - 2020-03-30 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-29 - 2020-04-23 | a year
dmp.eland-tech.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-21 - 2021-04-21 | 2 years
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months

This page contains 9 frames:

Primary Page: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Frame ID: 71CBB2935FB36E642CB8CF897DFA5576
Requests: 14 HTTP requests in this frame

Frame: https://fcm.doublemax.net/cm.php
Frame ID: F5FCA689D12D53B60D0DAF4AE8648C57
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doublemax.net/js/capmapping.htm
Frame ID: 41395E72C930B944465E6E3E30BB7A05
Requests: 1 HTTP requests in this frame

Frame: https://cdncf-hinetwork.cdn.hinet.net/js/innity.js
Frame ID: F1821AC4AADCEFD2138E3D3C45D1EFBB
Requests: 17 HTTP requests in this frame

Frame: http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
Frame ID: 12F6D14A23AABBF24EAF8B8B5B6B2BBA
Requests: 4 HTTP requests in this frame

Frame: https://dmp.eland-tech.com/dmpreceiver/viewreceiver?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08&google_gid=CAESEN-XV2EFAwdAD-y9f2ThSQI&google_cver=1
Frame ID: 928D81BA0A3E1E78FF9FBC0DF115DAD5
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 62AD649D8C28831EB1BD39B3CBE57EBA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Frame ID: 3F32DABFB4664CB02EE0873681E5932B
Requests: 1 HTTP requests in this frame

Frame: https://adx.doublemax.net/tos_zone/pb_ads/9096981157.html
Frame ID: 025B65A27A8D52BFD3B2E0AE0A4A32EF
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • script /adnxs\.(?:net|com)/i

Overall confidence: 100%
Detected patterns
  • script /fingerprint(\d)?(?:\.min)?\.js/i

Page Statistics

Requests: 45
HTTPS: 62 %
IPv6: 24 %
Domains: 20
Subdomains: 30
IPs: 23
Countries: 8
Transfer: 222 kB
Size: 591 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://mt.doublemax.net/match?cf_tp=holmesmind HTTP 302
  • https://mt.doublemax.net/match?cf_tc=&cf_tp=holmesmind HTTP 302
  • https://mt.doublemax.net/match?cf_tp=holmesmind& HTTP 302
  • https://c.holmesmind.com/cm?cf_uid=217247-k8rdx51tJ3fygktYQmQNwM6igGQjxzmi&
Request Chain 25
  • http://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/md5.js HTTP 307
  • https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/md5.js
Request Chain 26
  • http://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_fingerprint.js?version=1.0.22 HTTP 307
  • https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_fingerprint.js?version=1.0.22
Request Chain 27
  • http://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22 HTTP 307
  • https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22
Request Chain 30
  • http://agent.aralego.com/sdk HTTP 302
  • http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
Request Chain 32
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08&google_tc= HTTP 302
  • https://m.doublemax.net/ml/google?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08&google_gid=CAESEN-XV2EFAwdAD-y9f2ThSQI&google_cver=1 HTTP 302
  • https://dmp.eland-tech.com/dmpreceiver/viewreceiver?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08&google_gid=CAESEN-XV2EFAwdAD-y9f2ThSQI&google_cver=1
Request Chain 41
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=8239810021&adk=1667307460&adf=1301162737&w=300&lmt=1575373356&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2FmaCe9ro-%2Fpassback.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1575373356402&bpp=21&bdt=281&fdt=51&idt=52&shv=r20191114&cbv=r20190131&saldr=sa&correlator=5141610697636&frm=23&ife=1&pv=2&ga_vid=1600100796.1575373356&ga_sid=1575373356&ga_hid=1248619351&ga_fc=0&iag=63&icsg=170&nhd=3&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&isw=300&ish=250&ifk=896494131&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=208796185310772&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.ckb939a1uuyo&fsb=1&dtd=64 HTTP 302
  • https://adx.doublemax.net/tos_zone/pb_ads/9096981157.html

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request passback.html
cdn.adnw.xyz/pb/maCe9ro-/
269 B
762 B
Document
General
Full URL
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
2600:9000:20eb:8800:18:9c2c:95c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96961b803bdb7bcd585b7cc5c4939575bfcc2d5e33d2c3061cb84fb185d62d8b

Request headers

Host
cdn.adnw.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
269
Connection
keep-alive
Date
Tue, 03 Dec 2019 11:42:33 GMT
Last-Modified
Thu, 01 Mar 2018 09:00:42 GMT
ETag
"4ad04dd6e81829ba56043eaccf4a4ab5"
Cache-Control
max-age=300
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Miss from cloudfront
Via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
uE5ixzZ16MxnUJHMytZUQg6PGwej18bmOQiarNzgfxIbN7401Rc98Q==
init.js
cdn.doublemax.net/js/
8 KB
3 KB
Script
General
Full URL
http://cdn.doublemax.net/js/init.js
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
143.204.101.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-27.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93d49d50b9d459cdac923e0fa723b2772ec4eceffe1c0c6249fc9026cc010c8c

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Nov 2019 08:32:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
ihhwUA6PhA-k47-Lgr0KHR6a9mTm4X-v6uaHVHsx67RKAA16hBAtKA==
tag.js
t.ssp.hinet.net/
3 KB
2 KB
Script
General
Full URL
https://t.ssp.hinet.net/tag.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.39.224.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-224-68.HINET-IP.hinet.net
Software
nginx /
Resource Hash
6e5fd21b0803ae1563e68df073f26cb339a3d37ac19dd5642070ea84134a9d9a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
content-encoding
gzip
last-modified
Fri, 29 Nov 2019 06:40:38 GMT
server
nginx
etag
W/"5de0bd66-c45"
vary
Accept-Encoding
content-type
application/javascript
status
200
strict-transport-security
max-age=0
tagr_lib_learn_tw_v3.js
static-tagr.gd1.mookie1.com/s1/
4 KB
2 KB
Script
General
Full URL
https://static-tagr.gd1.mookie1.com/s1/tagr_lib_learn_tw_v3.js?tagid=V2_98222&id=ClickForce_Learn
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.60.199 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-60-199.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
10407b8212733e00354b330f4e4790764e6bc187a9d2b6b62b27aeb387bc268b

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cteonnt-Length
4435
Date
Tue, 03 Dec 2019 11:42:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jul 2016 05:38:37 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"c40679-1153-538ab8ba59140"
Vary
Accept-Encoding
P3P
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Cache-Control
private, max-age=49786
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
1274
checkSegmentsNFI.min.js
static-tagr.gd1.mookie1.com/s1/sas/lh1/
1 KB
989 B
Script
General
Full URL
https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.60.199 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-60-199.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
afc3261eac9e8f5606c513fa7c62f5add4200b8d171d1972f11abe2ec1a0ac41

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Nov 2016 14:26:27 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"c603c6-428-5406657c62ac0"
ntCoent-Length
1064
Vary
Accept-Encoding
P3P
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
554
edmp_init.js
cdncf-hinetwork.cdn.hinet.net/js/
5 KB
2 KB
Script
General
Full URL
https://cdncf-hinetwork.cdn.hinet.net/js/edmp_init.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
9d01ef4d266d5013966aba9028088df4527041f779756e6a887fb2d4f775bfc2

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 503a7e42fcb73854ab5b5c5a13d97724.cloudfront.net (CloudFront)
last-modified
Tue, 22 Oct 2019 01:47:43 GMT
server
HiNetCDN/1908
x-amz-cf-pop
TPE52-C1
etag
W/"6a626269b2d1a3554ff03e9e1ec2faac"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
content-encoding
br
x-amz-cf-id
LGpA188Lhjhjw-qhMI1kc6CHekQ18D2hL4Q6Pa6LOfQK0BcWQmK5vw==
cm.php
fcm.doublemax.net/ Frame F5FC
0
0
Document
General
Full URL
https://fcm.doublemax.net/cm.php
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.67.231 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash

Request headers

:method
GET
:authority
fcm.doublemax.net
:scheme
https
:path
/cm.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html

Response headers

status
200
server
nginx/1.10.3 (Ubuntu)
date
Tue, 03 Dec 2019 11:42:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-encoding
gzip
via
1.1 google
alt-svc
clear
capmapping.htm
cdn.doublemax.net/js/ Frame 4139
0
0
Document
General
Full URL
https://cdn.doublemax.net/js/capmapping.htm
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-27.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.doublemax.net
:scheme
https
:path
/js/capmapping.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html

Response headers

status
200
content-type
text/html
last-modified
Thu, 08 Aug 2019 10:31:34 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 03 Dec 2019 11:42:35 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
S2_L4hU63-eBDGhFzCWLnIiKKaPCvrnfM1SFT9_-EOFz7rEdXHtbjQ==
innity.js
cdncf-hinetwork.cdn.hinet.net/js/ Frame F182
1 KB
848 B
Script
General
Full URL
https://cdncf-hinetwork.cdn.hinet.net/js/innity.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
14b2d688a0007f7243bc8ee69d79c35a25d6c2be9720b607feb9e91de5bbb8ec

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 42c367fe651656ce4584288ecfc3bed0.cloudfront.net (CloudFront)
last-modified
Wed, 02 May 2018 06:10:27 GMT
server
HiNetCDN/1908
age
43
etag
W/"96e38c2122b0a6509ba8be7450d52924"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
Fn-O92aP0GN4LA3m_aK0I2i6F-I_Cj9Hb2XpK6iaQYU5KarFP8jo3w==
rtbhouse.js
cdncf-hinetwork.cdn.hinet.net/js/ Frame F182
933 B
862 B
Script
General
Full URL
https://cdncf-hinetwork.cdn.hinet.net/js/rtbhouse.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
33da84eddbebf4ad4e95e8214a1c3a86cbd2c1e0e7792cda084e51cf40de2324

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 d2f7e6b0cc7e03594d93de0bbedff602.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jun 2018 06:50:26 GMT
server
HiNetCDN/1908
age
14
etag
W/"4c887d0a9f3094cb28e4beb44836f1bd"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
0wvio_QpH8ZBb0DkXjWk49JLrXianVFZmtcVA-7SZwBU1MZWRKj0_A==
publishertag.js
static.criteo.net/js/ld/ Frame F182
87 KB
27 KB
Script
General
Full URL
http://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
HTTP/1.1
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:33 GMT
content-encoding
gzip
last-modified
Fri, 25 Oct 2019 13:44:17 GMT
server
nginx
etag
W/"5db2fc31-15cda"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 04 Dec 2019 11:42:33 GMT
crt_new.js
cdncf-hinetwork.cdn.hinet.net/js/ Frame F182
1 KB
826 B
Script
General
Full URL
https://cdncf-hinetwork.cdn.hinet.net/js/crt_new.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
184a2e7ea9e67993f184c25ad0736cc0b1317ecb9c56193ed0fdc942c01fefc9

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 f13edda1adc32d70c799e0e29755d1ce.cloudfront.net (CloudFront)
last-modified
Fri, 02 Aug 2019 02:06:47 GMT
server
HiNetCDN/1908
age
45
etag
W/"405e361e782a45ae58cb24d381367ae8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
Dzde97k-luZjuzkVw9N7X50DkLIl89dbYQqEYUf3IAzORSEjaW8-1g==
appier.js
cdncf-hinetwork.cdn.hinet.net/js/ Frame F182
3 KB
1 KB
Script
General
Full URL
https://cdncf-hinetwork.cdn.hinet.net/js/appier.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
86bde61327dcf5c5266a4a6f70d5fb4a6f37d90873bacdd87ea61af4674c7d8b

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 503a7e42fcb73854ab5b5c5a13d97724.cloudfront.net (CloudFront)
last-modified
Tue, 15 Oct 2019 08:50:34 GMT
server
HiNetCDN/1908
x-amz-cf-pop
TPE52-C1
etag
W/"b458d227aaf35a566fac58ac99f5d2ea"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
content-encoding
br
x-amz-cf-id
AAoe4i8nGuqXfqdegyk4AB4vGLSeNeBRTpHa4TTV9mpN8S7P-srefA==
bridgewell.js
cdncf-hinetwork.cdn.hinet.net/js/ Frame F182
7 KB
3 KB
Script
General
Full URL
https://cdncf-hinetwork.cdn.hinet.net/js/bridgewell.js
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
6614906005e495c5acc8739d7c9f3efc2254a9d0f0222f3277e7844cceed307b

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 a6da6039721453d9bbf56f74dea1a927.cloudfront.net (CloudFront)
last-modified
Mon, 09 Sep 2019 05:43:18 GMT
server
HiNetCDN/1908
x-amz-cf-pop
TPE52-C1
etag
W/"dd5d613ca0256413186d28cb3b475ccd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
content-encoding
br
x-amz-cf-id
vs4Zz-JQMK17rE1WR2uZRYQQyxiVoRKNFtMT9_M1otZyFbfc2bwFnA==
ads.js
ad.doublemax.net/adserver/ Frame F182
3 KB
2 KB
Script
General
Full URL
http://ad.doublemax.net/adserver/ads.js?z=6782&rf=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2FmaCe9ro-%2Fpassback.html&n=21&o=2&d=1&b=2&ts=1&ii=3
Requested by
Host: cdn.doublemax.net
URL: http://cdn.doublemax.net/js/init.js
Protocol
HTTP/1.1
Server
35.186.230.197 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
197.230.186.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
a7c6030c0a99451a30fdb81d86e8bae30af85052bfa5169a6af0945df40fc66a

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:34 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
PHP/7.0.18-0ubuntu0.17.04.1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://cdn.adnw.xyz
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
Via
1.1 google
cm
c.holmesmind.com/
Redirect Chain
  • https://mt.doublemax.net/match?cf_tp=holmesmind
  • https://mt.doublemax.net/match?cf_tc=&cf_tp=holmesmind
  • https://mt.doublemax.net/match?cf_tp=holmesmind&
  • https://c.holmesmind.com/cm?cf_uid=217247-k8rdx51tJ3fygktYQmQNwM6igGQjxzmi&
0
251 B
Image
General
Full URL
https://c.holmesmind.com/cm?cf_uid=217247-k8rdx51tJ3fygktYQmQNwM6igGQjxzmi&
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.76.93 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 google
alt-svc
clear
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8

Redirect headers

date
Tue, 03 Dec 2019 11:42:34 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
location
https://c.holmesmind.com/cm?cf_uid=217247-k8rdx51tJ3fygktYQmQNwM6igGQjxzmi&
content-type
text/html; charset=UTF-8
status
302
alt-svc
clear
learn
tw-gmtdmp.mookie1.com/t/v2/
43 B
666 B
Image
General
Full URL
http://tw-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_98222&src.domain=cdn.adnw.xyz&src.url=%252Fpb%252FmaCe9ro-%252Fpassback.html&src.id=ClickForce_Learn&src.rand=8256561088
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 11:42:33 GMT
Via
1.1 google
Server
Apache
P3P
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
image/gif;charset=UTF-8
Content-Length
43
X-Application-Context
application
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jpt
ib.adnxs.com/
0
659 B
Script
General
Full URL
http://ib.adnxs.com/jpt?id=10761225&callback=window.xaxS.auctionResult&cb=1344327873
Requested by
Host: static-tagr.gd1.mookie1.com
URL: https://static-tagr.gd1.mookie1.com/s1/sas/lh1/checkSegmentsNFI.min.js
Protocol
HTTP/1.1
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 11:42:35 GMT
AN-X-Request-Uuid
eedd3694-7a27-4f26-b85d-09df26696b4b
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
89.38.96.189; 89.38.96.189; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.40:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
t.ssp.hinet.net/
36 B
557 B
XHR
General
Full URL
http://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js
Protocol
HTTP/1.1
Server
202.39.224.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-224-68.HINET-IP.hinet.net
Software
nginx /
Resource Hash
b5ce2d8a97017465a2e7af6a93600040b47c9da8a095d328da43694daa1aecd3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Origin
http://cdn.adnw.xyz

Response headers

Date
Tue, 03 Dec 2019 11:42:34 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Origin
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://cdn.adnw.xyz
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
cdb
bidder.criteo.com/ Frame F182
0
141 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=76&profileId=184&cb=78299830573
Requested by
Host: static.criteo.net
URL: http://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Origin
http://cdn.adnw.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

status
204
date
Tue, 03 Dec 2019 11:42:34 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://cdn.adnw.xyz
timing-allow-origin
*
vary
Origin
draw.js
cdncf-hinetwork.cdn.hinet.net/js/ Frame F182
9 KB
3 KB
Script
General
Full URL
http://cdncf-hinetwork.cdn.hinet.net/js/draw.js
Requested by
Host: ad.doublemax.net
URL: http://ad.doublemax.net/adserver/ads.js?z=6782&rf=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2FmaCe9ro-%2Fpassback.html&n=21&o=2&d=1&b=2&ts=1&ii=3
Protocol
HTTP/1.1
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
e72c63a3406aa864c31bc1f74ea4f0ab5022ff63869669531907d810dcf8d10e

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:35 GMT
Via
1.1 b3f2829423a128e564944f5af75ecda5.cloudfront.net (CloudFront)
Last-Modified
Mon, 19 Aug 2019 03:19:18 GMT
Server
HiNetCDN/1908
X-Amz-Cf-Pop
TPE50-C1
ETag
W/"11e1af63f13f846c3da945cdd3ef655f"
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-Amz-Cf-Id
c0qS4okHV5AotvAKppOVKEuBpWi5Dm2iul8jnB1ukcQ56k-qqDQEjQ==
/
as.innity.com/synd/ Frame F182
1 KB
1 KB
Script
General
Full URL
https://as.innity.com/synd/?cb=1575373354778&ver=2&hb=1&output=js&pub=3754&zone=66999&url=http%253A%252F%252Fcdn.adnw.xyz%252Fpb%252FmaCe9ro-%252Fpassback.html&width=300&height=250&callback=setUpInnity&callback_uid=1575373354778
Requested by
Host: cdncf-hinetwork.cdn.hinet.net
URL: https://cdncf-hinetwork.cdn.hinet.net/js/innity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.183.194 Central, Hong Kong, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
c2.b7.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
cca22c1c79d45cd47ce92574597b90f93c58f4b79c9edd8aa764611cba935258

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 11:42:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 11:42:35 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
close
Content-Type
text/javascript; charset=utf-8
Content-Length
556
Expires
Sat, 03 Sep 1983 02:00:00 GMT
bid
ad2.apx.appier.net/v1/prebid/ Frame F182
0
0
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid
Requested by
Host: cdncf-hinetwork.cdn.hinet.net
URL: https://cdncf-hinetwork.cdn.hinet.net/js/appier.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.167.129 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
129.167.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Origin
http://cdn.adnw.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame F182
0
197 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdncf-hinetwork.cdn.hinet.net
URL: https://cdncf-hinetwork.cdn.hinet.net/js/rtbhouse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
unused-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Origin
http://cdn.adnw.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
date
Tue, 03 Dec 2019 11:42:35 GMT
access-control-allow-credentials
true
access-control-allow-origin
http://cdn.adnw.xyz
access-control-max-age
3600
access-control-allow-methods
POST
pixel.gif
static.criteo.net/images/ Frame F182
43 B
260 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
access-control-allow-origin
*
etag
"493ea254-2b"
content-type
image/gif
status
200
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 27 Nov 2020 11:42:34 GMT
pixel.gif
static.criteo.net/images/ Frame F182
43 B
260 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:34 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
access-control-allow-origin
*
etag
"493ea254-2b"
content-type
image/gif
status
200
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 27 Nov 2020 11:42:34 GMT
md5.js
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/
Redirect Chain
  • http://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/md5.js
  • https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/md5.js
4 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/md5.js
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
6ea475af3be4ba789dbeef53f7e183a23ad34a24b93ff6f13cdd8b46b75a36cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 03 Dec 2019 11:42:35 GMT
content-length
1520
x-served-by
cache-ams21028-AMS, cache-fra19142-FRA
etag
W/"e8f-835KkrjMqXOxhgoBH9KCvwMoePI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/md5.js
Non-Authoritative-Reason
HSTS
eland_fingerprint.js
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/
Redirect Chain
  • http://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_fingerprint.js?version=1.0.22
  • https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_fingerprint.js?version=1.0.22
28 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_fingerprint.js?version=1.0.22
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
19ba711f9d0c8ed7c6ad740ac3a9727ab3a94a0fde0ebc08b3f3fd65f04ef2c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 03 Dec 2019 11:42:35 GMT
content-length
10719
x-served-by
cache-ams21020-AMS, cache-fra19142-FRA
etag
W/"7151-vv1bigCWUPhIk0H1K5nISWNaY4M"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_fingerprint.js?version=1.0.22
Non-Authoritative-Reason
HSTS
eland_tracker_utils.js
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/
Redirect Chain
  • http://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22
  • https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22
15 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
628135c60aabbebdaecb9bfad9c1f192e6ccada2a1a70d7a1371c0511b2831e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Tue, 03 Dec 2019 11:42:35 GMT
content-length
3384
x-served-by
cache-ams21024-AMS, cache-fra19142-FRA
etag
W/"3be4-3PcRmPCZgDhq3CzaWhXv5LRfMqI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22
Non-Authoritative-Reason
HSTS
pixel
t.ssp.hinet.net/
0
139 B
Image
General
Full URL
http://t.ssp.hinet.net/pixel?bd=7be3a37c-c90f-4840-a504-39d1850e82a4&t=50ef57
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
202.39.224.68 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-224-68.HINET-IP.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
image/png
2.js
cdncf-hinetwork.cdn.hinet.net/js/tmp2/ Frame F182
857 B
854 B
Script
General
Full URL
http://cdncf-hinetwork.cdn.hinet.net/js/tmp2/2.js
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
202.39.143.233 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
202-39-143-233.HINET-IP.hinet.net
Software
HiNetCDN/1908 /
Resource Hash
24af08111a4eaa7af9b691d2b36e4c2bf2290edba765e02151da03ab7b88c0c3

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:35 GMT
Via
1.1 0b67eb6a39657fa6d911d85ba56004ed.cloudfront.net (CloudFront)
Last-Modified
Wed, 06 Dec 2017 07:54:25 GMT
Server
HiNetCDN/1908
Age
56
ETag
W/"e24f4884d54f334d7fc409cffb3b15b1"
Vary
Accept-Encoding, Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Transfer-Encoding
chunked
X-Amz-Cf-Pop
TPE50-C1
Connection
keep-alive
Content-Encoding
gzip
X-Amz-Cf-Id
1qWVjnOaxlTde0maCojL7WnsehZ26iz0JnvXe8t7uoDBXbk5piPKpA==
ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
cdn.aralego.net/ucfad/sdk/us-east/ Frame 12F6
Redirect Chain
  • http://agent.aralego.com/sdk
  • http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
31 KB
9 KB
Script
General
Full URL
http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c723da7755ddfb2a04148a7f96ec799390d455b34883f525e8e19f1da7043ced

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 18 Nov 2019 14:34:08 GMT
Server
cloudflare
Age
6234
ETag
W/"5dd2abe0-7ac3"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
CF-RAY
53f54733adfacbb0-VIE
Cf-Bgj
minify

Redirect headers

location
http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
date
Tue, 03 Dec 2019 11:42:36 GMT
connection
close
content-length
116
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
i
ad.doublemax.net/adserver/ Frame F182
0
205 B
Image
General
Full URL
http://ad.doublemax.net/adserver/i?ut=1575373354&p=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
35.186.230.197 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
197.230.186.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:36 GMT
Via
1.1 google
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
PHP/7.0.18-0ubuntu0.17.04.1
Transfer-Encoding
chunked
Content-Type
image/png
Cookie set viewreceiver
dmp.eland-tech.com/dmpreceiver/ Frame 928D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&...
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS...
  • https://m.doublemax.net/ml/google?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=678...
  • https://dmp.eland-tech.com/dmpreceiver/viewreceiver?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subD...
0
0
Document
General
Full URL
https://dmp.eland-tech.com/dmpreceiver/viewreceiver?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08&google_gid=CAESEN-XV2EFAwdAD-y9f2ThSQI&google_cver=1
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@latest/eland_tracker_utils.js?version=1.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.138.202 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-186-138-202.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
dmp.eland-tech.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Accept-Encoding
gzip, deflate, br

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Cache-control
no-cache="set-cookie"
Content-Type
text/html;charset=UTF-8
Date
Tue, 03 Dec 2019 11:42:36 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Server
Apache-Coyote/1.1
Set-Cookie
JSESSIONID=AE3063FC922BFBCFA938D8B74E2504CB; Path=/dmpreceiver/; HttpOnly
edmp_uuid=138A6E55309095C540FE4DF217ED4D08; Domain=.eland-tech.com; Expires=Wed, 02-Dec-2020 11:42:36 GMT; Path=/; HttpOnly
edmp_uuid_timestamp=1575373356480; Domain=.eland-tech.com; Expires=Wed, 02-Dec-2020 11:42:36 GMT; Path=/; HttpOnly
opt_out=0; Domain=.eland-tech.com; Expires=Wed, 02-Dec-2020 11:42:36 GMT; Path=/; HttpOnly
AWSELB=F18B0BC5168B8529F375F860BE0B0658FAD193691A91116B354FFE44F799B1E302EF0BFFEA5B04FC0029EEAB9EC6F339CBB0AEBF59307EE7E3F6461D323CA872A1E48DCD14;PATH=/;MAX-AGE=1800
X-Robots-Tag
noindex, nofollow, noarchive, none
Content-Length
0
Connection
keep-alive

Redirect headers

status
302
server
nginx/1.12.1
date
Tue, 03 Dec 2019 11:42:36 GMT
content-type
text/html
content-length
161
location
https://dmp.eland-tech.com/dmpreceiver/viewreceiver?log_type=view&DMP_SR=clickforce&url=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2Fmace9ro-%2Fpassback.html&refer_url=&platform=PC&os=MacOS&browser=Chrome&subDomain=pb-&info=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&cf_uid=undefined&target=ad&ce=1&fp2=138a6e55309095c540fe4df217ed4d08&google_gid=CAESEN-XV2EFAwdAD-y9f2ThSQI&google_cver=1
x-frame-options
SAMEORIGIN
via
1.1 google
alt-svc
clear
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 12F6
975 B
769 B
Stylesheet
General
Full URL
http://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: cdn.aralego.net
URL: http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
5708
Cf-Polished
origSize=1191
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 16 Mar 2018 07:19:46 GMT
Server
cloudflare
ETag
W/"5aab7012-4a7"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Access-Control-Allow-Credentials
true
CF-RAY
53f54733ce56cbb0-VIE
Cf-Bgj
minify
ad_request
ads.aralego.com/ Frame 12F6
476 B
1 KB
XHR
General
Full URL
http://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=cdn.adnw.xyz&u=http%3A%2F%2Fcdn.adnw.xyz%2Fpb%2FmaCe9ro-%2Fpassback.html&xr=0&adid=ad-4883892AA2738B91EA439B729372738&w=300&h=250&ver=ADGENT_WEB-2017091501&pos=1&seq=0&euconsent=&cb=0.5671696513404483
Requested by
Host: cdn.aralego.net
URL: http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
Protocol
HTTP/1.1
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
/
Resource Hash
db0c5fffb2dc04e3bbe4c358abc46ac176992356d990a5fd1649dd6973ea45e7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Origin
http://cdn.adnw.xyz

Response headers

date
Tue, 03 Dec 2019 11:42:36 GMT
x-width
300
x-height
250
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://cdn.adnw.xyz
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource
x-adsource
PSA
x-adtype
html
connection
close
access-control-allow-credentials
true
content-length
476
x-adstyle
banner
idsync
sync.aralego.com/ Frame 12F6
35 B
279 B
Image
General
Full URL
http://sync.aralego.com/idsync
Requested by
Host: cdn.adnw.xyz
URL: http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
Protocol
HTTP/1.1
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:37 GMT
connection
close
content-length
35
content-type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 62AD
77 KB
29 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: cdn.aralego.net
URL: http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b1292c0acdb4610ac4be95b056684ce98eeecf594f728ac90cffc340fcace05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
14570833437726855763
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
29027
X-XSS-Protection
0
Expires
Tue, 03 Dec 2019 11:42:36 GMT
integrator.js
adservice.google.de/adsid/ Frame 62AD
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.adnw.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 62AD
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.adnw.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/ Frame 62AD
220 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b198f6c8ffd50a477f7dea4911bcbeb614271d080084eb189c30716ef24af5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84789
x-xss-protection
0
server
cafe
etag
6374670274128428363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Dec 2019 11:42:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/ Frame 3F32
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191114/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm7Z3m9Syo79xiP-Oc7rjp6I9vQZY7w_XoQSskajr8kqo8A2p9zU68_9kur
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Nov 2019 08:19:49 GMT
expires
Wed, 04 Dec 2019 08:19:49 GMT
content-type
text/html; charset=UTF-8
etag
9688732929695215001
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6504
x-xss-protection
0
cache-control
public, max-age=1209600
age
1135367
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
9096981157.html
adx.doublemax.net/tos_zone/pb_ads/ Frame 025B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=8239810021&adk=1667307460&adf=1301162737&w=300&lmt=1575373356&guci=1.2.0.0.2.2.0.0&url=http%...
  • https://adx.doublemax.net/tos_zone/pb_ads/9096981157.html
0
0
Document
General
Full URL
https://adx.doublemax.net/tos_zone/pb_ads/9096981157.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-27.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
adx.doublemax.net
:scheme
https
:path
/tos_zone/pb_ads/9096981157.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html

Response headers

status
200
content-type
text/html
content-length
572
date
Tue, 03 Dec 2019 06:52:35 GMT
last-modified
Mon, 07 Aug 2017 02:46:29 GMT
etag
"ce6d9b52995c4e62a4d98d5205e5ba06"
accept-ranges
bytes
server
AmazonS3
x-cache
RefreshHit from cloudfront
via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
nCAQEReMSTQY_6YS-Qyfhwp1Q20j5zEouwPUJrSjitwbS1ETZoAk7w==

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://adx.doublemax.net/tos_zone/pb_ads/9096981157.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 03 Dec 2019 11:42:36 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ Frame 62AD
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 11:42:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Tue, 03 Dec 2019 11:42:36 GMT
av
ad.doublemax.net/adserver/ Frame F182
0
293 B
Script
General
Full URL
http://ad.doublemax.net/adserver/av?p=6782:8843:23172:cdb7b7dbe99dec9d5b744da5caa44373:2256&type=1
Requested by
Host: cdncf-hinetwork.cdn.hinet.net
URL: http://cdncf-hinetwork.cdn.hinet.net/js/draw.js
Protocol
HTTP/1.1
Server
35.186.230.197 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
197.230.186.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cdn.adnw.xyz/pb/maCe9ro-/passback.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 11:42:36 GMT
Via
1.1 google
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
PHP/7.0.18-0ubuntu0.17.04.1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| innity_append_iframe number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| xaxParams object| xaxS string| hienv object| hitag object| ElandTracker function| dmpSr_view_log function| dmpSr_click_log function| stfpjs function| cookie_mapping function| ElandPromise function| Fingerprint2 object| google_reactive_ads_global_state object| google_jobrunner object| google_ad_modifications number| google_global_correlator object| google_prev_clients

6 Cookies

Domain/Path Name / Value
.eland-tech.com/ Name: opt_out
Value: 0
dmp.eland-tech.com/ Name: AWSELB
Value: F18B0BC5168B8529F375F860BE0B0658FAD193691A91116B354FFE44F799B1E302EF0BFFEA5B04FC0029EEAB9EC6F339CBB0AEBF59307EE7E3F6461D323CA872A1E48DCD14
.doubleclick.net/ Name: IDE
Value: AHWqTUm7Z3m9Syo79xiP-Oc7rjp6I9vQZY7w_XoQSskajr8kqo8A2p9zU68_9kur
dmp.eland-tech.com/dmpreceiver/ Name: JSESSIONID
Value: AE3063FC922BFBCFA938D8B74E2504CB
.eland-tech.com/ Name: edmp_uuid_timestamp
Value: 1575373356480
.eland-tech.com/ Name: edmp_uuid
Value: 138A6E55309095C540FE4DF217ED4D08

1 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.aralego.net/ucfad/sdk/us-east/ucfad_min_f1863f5cd8a88c656b5afc807e7acb4e5e63efbe.js(Line 1)
Message:
Get AD

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
