corona.filelinkdown.xyz Open in urlscan Pro
162.215.252.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://corona.filelinkdown.xyz/
Submission: On January 15 via manual (January 15th 2021, 5:58:25 am UTC) from IN

Summary HTTP 45 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 10 countries across 23 domains to perform 45 HTTP transactions. The main IP is 162.215.252.35, located in Provo, United States and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is corona.filelinkdown.xyz.

This is the only time corona.filelinkdown.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	162.215.252.35 162.215.252.35	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
13	151.101.37.44 151.101.37.44	54113 (FASTLY) (FASTLY)
1 3	95.101.55.60 95.101.55.60	16625 (AKAMAI-AS) (AKAMAI-AS)
6	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 2	18.193.136.159 18.193.136.159	16509 (AMAZON-02) (AMAZON-02)
2 6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	54.171.98.69 54.171.98.69	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	161.117.111.214 161.117.111.214	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	172.104.70.67 172.104.70.67	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
45	20

2 162.215.252.35 (Provo, United States)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: md-86.webhostbox.net

corona.filelinkdown.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.37.44 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.55.60 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-55-60.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.137.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.136.159 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-136-159.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.98.69 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-69.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.117.111.214 (Singapore, Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.70.67 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1680-67.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	taboola.com 2 redirects cdn.taboola.com trc.taboola.com sync.taboola.com match.taboola.com sync-t1.taboola.com cds.taboola.com images.taboola.com trc-events.taboola.com	232 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	adsrvr.org 2 redirects match.adsrvr.org	918 B
2	contextweb.com 1 redirects bh.contextweb.com	826 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	filelinkdown.xyz corona.filelinkdown.xyz	6 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	360 B
1	criteo.com 1 redirects dis.criteo.com	525 B
1	emxdgt.com e1.emxdgt.com	124 B
1	adkernel.com dsp.adkernel.com	233 B
1	smartadserver.com rtb-csync.smartadserver.com	500 B
1	pubmatic.com simage2.pubmatic.com	885 B
1	adnxs.com ib.adnxs.com	690 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
1	blogspot.com 1.bp.blogspot.com	53 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
0	4finance.com Failed rtb.4finance.com Failed
0	tapad.com Failed pixel.tapad.com Failed
45	23

	Domain	Requested by
7	cdn.taboola.com	corona.filelinkdown.xyz cdn.taboola.com
6	images.taboola.com	corona.filelinkdown.xyz
5	trc.taboola.com	cdn.taboola.com
4	sync.taboola.com	2 redirects
3	cm.g.doubleclick.net	2 redirects
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com corona.filelinkdown.xyz
2	ce.lijit.com	1 redirects
2	match.adsrvr.org	2 redirects
2	bh.contextweb.com	1 redirects
2	rtb.mfadsrvr.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	corona.filelinkdown.xyz	corona.filelinkdown.xyz
1	trc-events.taboola.com	cdn.taboola.com
1	cds.taboola.com
1	bttrack.com
1	s.c.appier.net	1 redirects
1	sync-t1.taboola.com
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	dsp.adkernel.com
1	rtb-csync.smartadserver.com
1	simage2.pubmatic.com
1	ib.adnxs.com
1	pixel.rubiconproject.com
1	match.taboola.com
1	pagead2.googlesyndication.com	corona.filelinkdown.xyz
1	1.bp.blogspot.com	corona.filelinkdown.xyz
1	www.googletagmanager.com	corona.filelinkdown.xyz
0	rtb.4finance.com Failed
0	pixel.tapad.com Failed
45	30

This site contains links to these domains. Also see Links.

Domain
popup.taboola.com
rfvtgb.sizzlfy.com
www.bedtimez.com
www.dailyforest.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://corona.filelinkdown.xyz/
Frame ID: 166E4A42E2A15250D43224B2AF995C25
Requests: 26 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957&tbid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&query=taboola_hm%3De15e1720-9fca-46ca-8981-e66e54fb4957&isDirect=0
Frame ID: A571627B73D83B526A7CA8A3F7ADBCE3
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

45
Requests

84 %
HTTPS

17 %
IPv6

23
Domains

30
Subdomains

20
IPs

10
Countries

399 kB
Transfer

1031 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=openmagic-techcubenow&utm_medium=referral&utm_content=thumbnails-a-mid:Mid%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: http://rfvtgb.sizzlfy.com/worldwide/dogs-insurance?utm_campaign=t-sf-insurance-dogs-d-ww-220620&utm_medium=taboola&utm_source=taboola&utm_term=openmagic-techcubenow
Title: Sizzlfy

Search URL Search Domain Scan URL

URL: https://www.bedtimez.com/worldwide/woman-stunned-necklace-ta?utm_campaign=t-bt-necklace-s-d-ww-221220&utm_medium=taboola&utm_source=taboola&utm_term=openmagic-techcubenow
Title: Bedtimez

Search URL Search Domain Scan URL

URL: https://www.dailyforest.com/worldwide/dad-peculiar-mark-son-ta?utm_campaign=t-df-hungry-boy-s-d-ww-280920&utm_medium=taboola&utm_source=taboola&utm_term=openmagic-techcubenow
Title: Dailyforest

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1610690288619&ns_c=UTF-8&cv=3.5&c8=Corona%20Quiz%20Question&c7=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1610690288619&ns_c=UTF-8&cv=3.5&c8=Corona%20Quiz%20Question&c7=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&c9=&cs_ak_ss=1

Request Chain 15

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957&tbid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&query=taboola_hm%3De15e1720-9fca-46ca-8981-e66e54fb4957&isDirect=0

Request Chain 17

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=6SvXGNLMbBmC&ev=1&orig=trc&pid=562107

Request Chain 19

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKvPCkjPlTLM3Q_gK3bvNAM&google_cver=1

Request Chain 21

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470

Request Chain 22

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b544c77-5a09-4663-92ca-65314190ef7a

Request Chain 23

https://ce.lijit.com/merge?pid=42&3pid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 28

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dbae79ee-a0a5-440a-83de-ca8b59b20fa7

Request Chain 29

https://id5-sync.com/s/464/9.gif?puid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOwGYpUgkio139FHjc9wNk_zIh8RgpuNTQkwX-A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOwGYpUgkio139FHjc9wNk_zIh8RgpuNTQkwX-A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=6e9120e8-6ff7-47a7-9c54-b28527cca6b5&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESED3ONpaHoxkn6Raa0ROb9UA&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED3ONpaHoxkn6Raa0ROb9UA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESED3ONpaHoxkn6Raa0ROb9UA%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5678505999341240206&opid=apx&ops=&utidl=tech:goo:CAESED3ONpaHoxkn6Raa0ROb9UA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A10884501409&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=e4be6359ade27c79e1cdc059689a0353&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/3/5.gif?puid=87bd00d5-b50f-4d21-abfe-84a2dbd4f245&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 30

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=VuVaFfoID1O8WK-98i4BYA

Request Chain 33

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=d67e055e-dcde-4116-8ef9-be8b19cabadf&bsw_param=d67e055e-dcde-4116-8ef9-be8b19cabadf

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
corona.filelinkdown.xyz/ 5 KB
2 KB 348ms
317ms Document
text/html 162.215.252.35
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://corona.filelinkdown.xyz/
Protocol: HTTP/1.1
Server: 162.215.252.35 Provo, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-86.webhostbox.net
Software: Apache /
Resource Hash: bad4904b6b20b727353e5d9b79db5619e8b5a689d84da793d0f76fedd071e1b0

Request headers

Host: corona.filelinkdown.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 05:58:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 14 Jan 2021 06:09:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2103
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-180178833-1

Requested by

Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

112721dc5074274380e6eb27c8155ef04bb4c8af2304e000473b0b4aa9b7c75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:58:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38970
x-xss-protection: 0
last-modified: Fri, 15 Jan 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jan 2021 05:58:08 GMT

GET
H/1.1 200
OK style.min.css
corona.filelinkdown.xyz/ 10 KB
3 KB 172ms
172ms Stylesheet
text/css 162.215.252.35
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to

Full URL: http://corona.filelinkdown.xyz/style.min.css
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: HTTP/1.1
Server: 162.215.252.35 Provo, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: md-86.webhostbox.net
Software: Apache /
Resource Hash: beebff79994339b4c59ac99ba07ce12b375b2ea4da1c9425e6bf62e0844051d2

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 05:58:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 15:48:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3160

GET
H2 200 red2.png
1.bp.blogspot.com/-LWqlhQFDy1I/X__fhsCvujI/AAAAAAAAAIE/qfHlyNFomLobIhvuMaRpDTpKhyJSbNZaACLcBGAsYHQ/s320/ 52 KB
53 KB 26ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LWqlhQFDy1I/X__fhsCvujI/AAAAAAAAAIE/qfHlyNFomLobIhvuMaRpDTpKhyJSbNZaACLcBGAsYHQ/s320/red2.png

Requested by

Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf538d6d47f335c53eeb42f926076494f6227e803bf71524cff266504d6693ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:57:02 GMT
x-content-type-options: nosniff
age: 66
content-disposition: inline;filename="red2.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53562
x-xss-protection: 0
server: fife
etag: "v82"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 16 Jan 2021 05:57:02 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91fafa20d57fc14c9a0c122f28cc8cbfda1c18dc7facc93110a53efc036a83b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 15 Jan 2021 05:58:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12044669215877344396
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47528
X-XSS-Protection: 0
Expires: Fri, 15 Jan 2021 05:58:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180178833-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2316
date: Fri, 15 Jan 2021 05:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 15 Jan 2021 07:19:32 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
392 B 46ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=323948414&t=pageview&_s=1&dl=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&ul=en-us&de=UTF-8&dt=Corona%20Quiz%20Question&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1176859266&gjid=1161782048&cid=907145865.1610690288&tid=UA-180178833-1&_gid=440565864.1610690288&_r=1&gtm=2ou161&z=823605135

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:58:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://corona.filelinkdown.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/openmagic-techcubenow/ 111 KB
22 KB 108ms
82ms Script
application/javascript 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/openmagic-techcubenow/loader.js
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: HTTP/1.1
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.12.6 /
Resource Hash: e7b7265fd3f0f0785ee719dffc8566e3d61ea32e3692caaa1b0031d89de1febf

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Amz-Version-Id: Xp5txYuxH5hmPzS0DE26inS5sbOsAqCe
Content-Encoding: gzip
Etag: "640bf6fe4451291d38df7f03ba6cf2c7f69f12fe"
Age: 0
Via: 1.1 varnish
X-Cache: MISS
X-From-Cache: 1
Connection: keep-alive
Content-Length: 22133
X-Amz-Id-2: WGcmmZUUpw7jWDNseMscV581jIvyQ3XXX8/psm48gXhlx1SRUGHzKdPmVVcCvg29eDSannZRIEs=
X-Served-By: cache-ams21025-AMS
Last-Modified: Thu, 14 Jan 2021 20:16:01 UTC
Server: obaker.93.1.2-11.12.6
X-Timer: S1610690288.406493,VS0,VE12
Date: Fri, 15 Jan 2021 05:58:08 GMT
Vary: Accept-Encoding, Accept-Encoding
X-Amz-Request-Id: 338364F1ACAB6793
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 13
X-Cache-Hits: 0

GET
H2 200 impl.20210105-27-RELEASE.js Show response
cdn.taboola.com/libtrc/ 450 KB
104 KB 146ms
49ms Script
application/javascript 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/openmagic-techcubenow/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 285b39e59f40be6646b765442bb3e6d41152efb785dae07b834b624b42a1bd11

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 04ItyRfkF35vtPGjEcGVefCmpsqCpp11
content-encoding: br
etag: "bda2d0034c71e628cdd2de929975f8ac"
age: 14018
x-cache: HIT
content-length: 106040
x-amz-id-2: DP6Z2fJ0lRpi1+bZ2Qhqh9FZzcT2rnAI+HEpSvcPsy5qoNQ6yeb8BTgSqWDNah3KwnEuqsFV4w8=
x-served-by: cache-ams21030-AMS
last-modified: Wed, 06 Jan 2021 01:44:39 GMT
server: AmazonS3-br
x-timer: S1610690289.601565,VS0,VE0
date: Fri, 15 Jan 2021 05:58:08 GMT
vary: Accept-Encoding
x-amz-request-id: 3Q8P0Y0K6J5N1SEJ
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 24
x-cache-hits: 256

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 131ms
43ms Script
application/x-javascript 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/openmagic-techcubenow/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 15 Jan 2021 05:58:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 16 Jan 2021 05:58:08 GMT

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
179 B 145ms
48ms Image
text/html 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=feed_view_on_widget_ctrl
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:58:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1610690289.601540,VS0,VE0
x-served-by: cache-ams21030-AMS
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1610690288619&ns_c=UTF-8&cv=3.5&c8=Corona%20Quiz%20Question&c7=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1610690288619&ns_c=UTF-8&cv=3.5&c8=Corona%20Quiz%20Question&c7=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&c9=&cs_ak_ss=1

0
528 B

43ms
43ms

Image
text/plain

95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1610690288619&ns_c=UTF-8&cv=3.5&c8=Corona%20Quiz%20Question&c7=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&c9=&cs_ak_ss=1
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:08 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1610690288619&ns_c=UTF-8&cv=3.5&c8=Corona%20Quiz%20Question&c7=http%3A%2F%2Fcorona.filelinkdown.xyz%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:08 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/openmagic-techcubenow/trc/3/ 7 KB
4 KB 267ms
174ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/openmagic-techcubenow/trc/3/json?tim=06%3A58%3A08.733&lti=feed_view_on_widget_ctrl&data=%7B%22id%22%3A600%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1610462963256%2C%22vi%22%3A1610690288730%2C%22cv%22%3A%2220210105-27-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22%E0%A4%95%E0%A5%8B%E0%A4%B0%E0%A5%8B%E0%A4%A8-%E0%A4%B0%E0%A4%BE%E0%A4%B6%E0%A4%BF%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A4446%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a-mid%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A744%2C%22mw%22%3A540%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CMid%20Article%20Thumbnails%3Dthumbnails-a-mid%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22feed_view_on_widget_ctrl%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2d8c107210862c346da7ed5b19a28340d925f29befdfe1e09ef30b391472fb

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 128
date: Fri, 15 Jan 2021 05:58:08 GMT
content-encoding: gzip
server: nginx
x-timer: S1610690289.846719,VS0,VE128
x-served-by: cache-hhn11540-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://corona.filelinkdown.xyz
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 9 KB
3 KB 49ms
48ms Script
application/javascript 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d21b365aa7968435db31dedd0bf05c3042b07705d57bd5fa67445e1b0ea4d52f

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wKr49QAntPaS84oe_qTozXfrvXHXa3pl
content-encoding: gzip
etag: "ae079525eca1b4210b376960bba03b00"
age: 21472
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3121
x-amz-id-2: 1iQstw+/OXYGMDw0i5ggV4vHlcWvmzZxDkjic8pRak7MJWXUIIptuVWDjMVkoRFgvild7r8rqlc=
x-served-by: cache-ams21030-AMS
last-modified: Tue, 29 Dec 2020 14:04:13 GMT
server: AmazonS3
x-timer: S1610690289.027704,VS0,VE0
date: Fri, 15 Jan 2021 05:58:09 GMT
vary: Accept-Encoding
x-amz-request-id: A36B3D801274936E
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 82
x-cache-hits: 60942

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 48ms
48ms Stylesheet
text/css 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding: gzip
etag: "9e155136143a96e23a99757df9aa3cc8"
age: 21539
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 728
x-amz-id-2: KFZ1G8YJpQ2erCz1FHveGckP+XuvHkzl4b3QaTc0UK3WXAupb0utSJ9NvDWDYJv7Y+WZ9a6uYuU=
x-served-by: cache-ams21030-AMS
last-modified: Sun, 15 Nov 2020 09:20:35 GMT
server: AmazonS3
x-timer: S1610690289.027255,VS0,VE0
date: Fri, 15 Jan 2021 05:58:09 GMT
vary: Accept-Encoding
x-amz-request-id: 4DE7CEAB077B16E7
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 82
x-cache-hits: 59173

GET
H2 200 userx.20210105-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 49ms
48ms Script
application/javascript 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210105-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/openmagic-techcubenow/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 082e1c7817124b4153601dbf7cd589f3467dc5dbcd8032ced7bda890c5cd6e46

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ZZTkOw1bT9mmmVlIU2oGraz63rLyf9JY
content-encoding: gzip
etag: "1eaa097151405b8e81b265d1e7a3135b"
age: 121
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7878
x-amz-id-2: 4ymgfPeVD0IruZtK794sodKtvtsJtmPGLHVYFZoamJgc4/mCWRXDxKz1LhukGGYFj8AyfRvk4Ng=
x-served-by: cache-ams21030-AMS
last-modified: Wed, 06 Jan 2021 02:35:03 GMT
server: AmazonS3
x-timer: S1610690289.039053,VS0,VE1
date: Fri, 15 Jan 2021 05:58:09 GMT
vary: Accept-Encoding
x-amz-request-id: 70E76A2FC8B2824F
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 82
x-cache-hits: 1

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame A571
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957&tbid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&query=taboola_hm%3De15e1720-9fca-...

0
53 B

55ms
54ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957&tbid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&query=taboola_hm%3De15e1720-9fca-46ca-8981-e66e54fb4957&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish
server: nginx
x-timer: S1610690289.369031,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11540-HHN

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e15e1720-9fca-46ca-8981-e66e54fb4957&tbid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&query=taboola_hm%3De15e1720-9fca-46ca-8981-e66e54fb4957&isDirect=0
tbl-x-upstream: 10.41.22.181:10213
date: Fri, 15 Jan 2021 05:58:09 GMT
server: nginx
x-fastly-to-nlb-rtt: 22454

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A571 0
239 B 203ms
48ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame A571
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=6SvXGNLMbBmC&ev=1&orig=trc&pid=562107

0
218 B

49ms
48ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=6SvXGNLMbBmC&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 15 Jan 2021 05:58:09 GMT
server: nginx
x-fastly-to-nlb-rtt: 22452

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=6SvXGNLMbBmC&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7458d5554-54whc
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame A571 43 B
690 B 151ms
48ms Image
image/gif 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:09 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.85:80
AN-X-Request-Uuid: 68dff7ae-cf60-4943-9efb-23964a3ef9fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A571
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKvPCkjPlTLM3Q_gK3bvNAM&google_cver=1

0
206 B

105ms
104ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKvPCkjPlTLM3Q_gK3bvNAM&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 59
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish
server: nginx
x-timer: S1610690289.232545,VS0,VE59
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11540-HHN

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:58:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEKvPCkjPlTLM3Q_gK3bvNAM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame A571 42 B
885 B 235ms
55ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470:$UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:09 GMT
X-lat: Pug22070:0:347
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame A571
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470

170 B
201 B

36ms
23ms

Image
image/png

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:58:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470
tbl-x-upstream: 10.41.22.84:10213
date: Fri, 15 Jan 2021 05:58:09 GMT
server: nginx
x-fastly-to-nlb-rtt: 22453

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A571
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b544c77-5a09-4663-92ca-65314190ef7a

0
59 B

145ms
145ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b544c77-5a09-4663-92ca-65314190ef7a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 60
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish
server: nginx
x-timer: S1610690289.337539,VS0,VE60
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11540-HHN

Redirect headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:58:09 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8b544c77-5a09-4663-92ca-65314190ef7a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame A571
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

66ms
66ms

Image
text/plain

216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:09 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:09 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame A571 49 B
405 B 369ms
122ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-7458d5554-wr29k
expires: -1

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame A571 43 B
500 B 934ms
305ms Image
image/gif 161.117.111.214
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.117.111.214 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:58:09 GMT
cache-control: no-cache,no-store
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame A571 42 B
233 B 371ms
124ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Jan 2021 05:58:09 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame A571 43 B
124 B 280ms
55ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 05:58:08 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A571
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dbae79ee-a0a5-440a-83de-ca8b59b20fa7

0
227 B

50ms
48ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dbae79ee-a0a5-440a-83de-ca8b59b20fa7
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Fri, 15 Jan 2021 05:58:09 GMT
server: nginx
x-fastly-to-nlb-rtt: 24406

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dbae79ee-a0a5-440a-83de-ca8b59b20fa7
cache-control: no-cache
date: Fri, 15 Jan 2021 05:58:09 GMT
server-processing-duration-in-ticks: 2350
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 15 Jan 2021 00:00:00 GMT

GET

check
pixel.tapad.com/idsync/ex/push/ Frame A571
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOwGYpUgkio139FHjc9wNk_zIh8RgpuNTQkwX-A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOOwGYpUgkio139FHjc9wNk_zIh8RgpuNTQkwX-A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=6e9120e8-6ff7-47a7-9c54-b28527cca6b5&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESED3ONpaHoxkn6Raa0ROb9UA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESED3ONpaHoxkn6Raa0ROb9...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5678505999341240206&opid=apx&ops=&utidl=tech:goo:CAESED3ONpaHoxkn6Raa0ROb9UA&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A10884501409&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=e4be6359ade27c79e1cdc059689a0353&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/3/5.gif?puid=87bd00d5-b50f-4d21-abfe-84a2dbd4f245&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame A571
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=VuVaFfoID1O8WK-98i4BYA

0
218 B

48ms
48ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=VuVaFfoID1O8WK-98i4BYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Fri, 15 Jan 2021 05:58:10 GMT
server: nginx
x-fastly-to-nlb-rtt: 30166

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=VuVaFfoID1O8WK-98i4BYA
date: Fri, 15 Jan 2021 05:58:10 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame A571 35 B
380 B 526ms
132ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 15 Jan 2021 05:57:57 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame A571 0
155 B 364ms
120ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=7baac3f2-ad6a-47bf-af6e-cdb17187f891-tuct6fab470&_r=8125885
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 15 Jan 2021 05:58:09 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET

sync
rtb.4finance.com/ Frame A571
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=d67e055e-dcde-4116-8ef9-be8b19cabadf&bsw_param=d67e055e-dcde-4116-8ef9-be8b19cabadf

0
0

GET
H2 200 1ce84382bb97a7fdfd7804735030217a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 50ms
49ms Image
image/jpeg 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ce84382bb97a7fdfd7804735030217a.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 85decc883654a8ad3047d637aea16cf97817f499036a56d7e45c0c1851888829

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 569272
edge-cache-tag: 521506763909245425875228162691108281324,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 08 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ce84382bb97a7fdfd7804735030217a.jpeg
content-length: 7862
x-served-by: cache-dca17756-DCA, cache-dca17759-DCA, cache-ams21030-AMS
last-modified: Fri, 08 Jan 2021 08:55:07 GMT
server: cloudinary
x-timer: S1610690289.483622,VS0,VE1
etag: "dfb71c1f5b977e76968b5ce36c6efcfe"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1a69001c6f3e802fb5775baa498e9772.jpg
images.taboola.com/taboola/image/fetch/h_184,w_220,c_fill,g_xy_center,x_548,y_527/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
18 KB 49ms
49ms Image
image/jpeg 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_184,w_220,c_fill,g_xy_center,x_548,y_527/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a69001c6f3e802fb5775baa498e9772.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c7f62eac32b39c5911ae93949192c7dca0e6e8cfac6f66489e829ffb6633d8fc

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2060176
edge-cache-tag: 327883565848662739534657449353862376330,362023333678014063822817637915604147237,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_184,w_220,c_fill,g_xy_center,x_548,y_527/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a69001c6f3e802fb5775baa498e9772.jpg
content-length: 18288
x-request-id: 4f12d3d1578876dbcbe37cfe835974dc
x-served-by: cache-dca17772-DCA, cache-dca17781-DCA, cache-ams21030-AMS
last-modified: Sun, 20 Dec 2020 13:17:33 GMT
server: cloudinary
x-timer: S1610690289.498621,VS0,VE1
etag: "359b7798cc9ce94cbbc9fdfdcffc1014"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9e1d373178f3f7a1594b6149acbd9122.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
16 KB 49ms
49ms Image
image/jpeg 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e1d373178f3f7a1594b6149acbd9122.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9ac1397b2e8b234ff023199b82c81636f126ff8c4026583d1fe6af41d63cc048

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 317397
edge-cache-tag: 409228639907199641854054161167389107095,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e1d373178f3f7a1594b6149acbd9122.jpg
content-length: 16291
x-request-id: 306f1d70365ef2ef0d1340589c927128
x-served-by: cache-dca17726-DCA, cache-dca17723-DCA, cache-ams21030-AMS
last-modified: Mon, 14 Dec 2020 19:23:12 GMT
server: cloudinary
x-timer: S1610690290.523337,VS0,VE1
etag: "93832c9584e2662656fbe4d141595e00"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
1 KB 48ms
48ms Image
image/png 151.101.37.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: HTTP/1.1
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 22374
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: GiPaBCXjoftRWW8ShtAMKqC6LJn/Noi+2J4kpYAEffTfH3z1IaVYgmOoH5JxKrMqPlBEbT7Cczs=
X-Served-By: cache-ams21025-AMS
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1610690289.106231,VS0,VE0
Date: Fri, 15 Jan 2021 05:58:09 GMT
x-amz-request-id: 1247D748B6641016
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 24
X-Cache-Hits: 5050

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ce84382bb97a7fdfd7804735030217a.jpeg
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 85decc883654a8ad3047d637aea16cf97817f499036a56d7e45c0c1851888829

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 569272
edge-cache-tag: 521506763909245425875228162691108281324,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Mon, 08 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ce84382bb97a7fdfd7804735030217a.jpeg
content-length: 7862
x-served-by: cache-dca17756-DCA, cache-dca17759-DCA, cache-ams21030-AMS
last-modified: Fri, 08 Jan 2021 08:55:07 GMT
server: cloudinary
x-timer: S1610690290.550892,VS0,VE0
etag: "dfb71c1f5b977e76968b5ce36c6efcfe"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_184,w_220,c_fill,g_xy_center,x_548,y_527/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a69001c6f3e802fb5775baa498e9772.jpg
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c7f62eac32b39c5911ae93949192c7dca0e6e8cfac6f66489e829ffb6633d8fc

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2060176
edge-cache-tag: 327883565848662739534657449353862376330,362023333678014063822817637915604147237,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_184,w_220,c_fill,g_xy_center,x_548,y_527/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a69001c6f3e802fb5775baa498e9772.jpg
content-length: 18288
x-request-id: 4f12d3d1578876dbcbe37cfe835974dc
x-served-by: cache-dca17772-DCA, cache-dca17781-DCA, cache-ams21030-AMS
last-modified: Sun, 20 Dec 2020 13:17:33 GMT
server: cloudinary
x-timer: S1610690290.567941,VS0,VE0
etag: "359b7798cc9ce94cbbc9fdfdcffc1014"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e1d373178f3f7a1594b6149acbd9122.jpg
Requested by: Host: corona.filelinkdown.xyz
URL: http://corona.filelinkdown.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.37.44 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9ac1397b2e8b234ff023199b82c81636f126ff8c4026583d1fe6af41d63cc048

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 15 Jan 2021 05:58:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 317397
edge-cache-tag: 409228639907199641854054161167389107095,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e1d373178f3f7a1594b6149acbd9122.jpg
content-length: 16291
x-request-id: 306f1d70365ef2ef0d1340589c927128
x-served-by: cache-dca17726-DCA, cache-dca17723-DCA, cache-ams21030-AMS
last-modified: Mon, 14 Dec 2020 19:23:12 GMT
server: cloudinary
x-timer: S1610690290.601318,VS0,VE0
etag: "93832c9584e2662656fbe4d141595e00"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

POST
H2 204 bulk Show response
trc.taboola.com/openmagic-techcubenow/log/3/ 0
236 B 101ms
101ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/openmagic-techcubenow/log/3/bulk?route=IL%3AIL%3AV&lti=feed_view_on_widget_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 56
pragma: no-cache
date: Fri, 15 Jan 2021 05:58:10 GMT
via: 1.1 varnish
server: nginx
x-timer: S1610690290.063972,VS0,VE56
x-served-by: cache-hhn11540-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://corona.filelinkdown.xyz
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/openmagic-techcubenow/log/3/ 0
62 B 118ms
118ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/openmagic-techcubenow/log/3/visible?route=IL%3AIL%3AV&lti=feed_view_on_widget_ctrl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 61
pragma: no-cache
date: Fri, 15 Jan 2021 05:58:10 GMT
via: 1.1 varnish
server: nginx
x-timer: S1610690290.067963,VS0,VE61
x-served-by: cache-hhn11540-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://corona.filelinkdown.xyz
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 perf Show response
trc-events.taboola.com/openmagic-techcubenow/log/3/ 0
429 B 58ms
51ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/openmagic-techcubenow/log/3/perf?route=IL%3AIL%3AV&lti=feed_view_on_widget_ctrl
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210105-27-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://corona.filelinkdown.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 15 Jan 2021 05:58:18 GMT
server: nginx
x-fastly-to-nlb-rtt: 29195
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://corona.filelinkdown.xyz
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.175:10213

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: rtb.4finance.com
URL: https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=d67e055e-dcde-4116-8ef9-be8b19cabadf&bsw_param=d67e055e-dcde-4116-8ef9-be8b19cabadf

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.filelinkdown.xyz/	1970-01-19 15:24:50	Name: _gat_gtag_UA_180178833_1 Value: 1
.filelinkdown.xyz/	1970-01-19 15:26:16	Name: _gid Value: GA1.2.440565864.1610690288
.filelinkdown.xyz/	1970-01-20 08:56:02	Name: _ga Value: GA1.2.907145865.1610690288

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
bh.contextweb.com
bttrack.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
corona.filelinkdown.xyz
dis.criteo.com
dsp.adkernel.com
e1.emxdgt.com
ib.adnxs.com
images.taboola.com
match.adsrvr.org
match.taboola.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
rtb-csync.smartadserver.com
rtb.4finance.com
rtb.mfadsrvr.com
s.c.appier.net
sb.scorecardresearch.com
simage2.pubmatic.com
sync-t1.taboola.com
sync.taboola.com
trc-events.taboola.com
trc.taboola.com
www.google-analytics.com
www.googletagmanager.com
pixel.tapad.com
rtb.4finance.com
141.226.224.32
141.226.228.48
151.101.37.44
161.117.111.214
162.215.252.35
172.104.70.67
174.137.133.49
178.250.2.151
18.193.136.159
18.195.155.181
185.33.221.91
185.64.189.110
192.132.33.46
198.148.27.139
199.232.137.44
216.52.2.19
216.58.212.162
2a00:1450:4001:800::2001
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:81c::2002
54.171.98.69
69.173.144.138
95.101.55.60
082e1c7817124b4153601dbf7cd589f3467dc5dbcd8032ced7bda890c5cd6e46
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
112721dc5074274380e6eb27c8155ef04bb4c8af2304e000473b0b4aa9b7c75b
285b39e59f40be6646b765442bb3e6d41152efb785dae07b834b624b42a1bd11
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7d2d8c107210862c346da7ed5b19a28340d925f29befdfe1e09ef30b391472fb
85decc883654a8ad3047d637aea16cf97817f499036a56d7e45c0c1851888829
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91fafa20d57fc14c9a0c122f28cc8cbfda1c18dc7facc93110a53efc036a83b4
9ac1397b2e8b234ff023199b82c81636f126ff8c4026583d1fe6af41d63cc048
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
bad4904b6b20b727353e5d9b79db5619e8b5a689d84da793d0f76fedd071e1b0
beebff79994339b4c59ac99ba07ce12b375b2ea4da1c9425e6bf62e0844051d2
c7f62eac32b39c5911ae93949192c7dca0e6e8cfac6f66489e829ffb6633d8fc
cf538d6d47f335c53eeb42f926076494f6227e803bf71524cff266504d6693ea
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d21b365aa7968435db31dedd0bf05c3042b07705d57bd5fa67445e1b0ea4d52f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7b7265fd3f0f0785ee719dffc8566e3d61ea32e3692caaa1b0031d89de1febf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

corona.filelinkdown.xyz Open in urlscan Pro 162.215.252.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

84 %HTTPS

17 %IPv6

23 Domains

30 Subdomains

20 IPs

10 Countries

399 kBTransfer

1031 kBSize

3 Cookies

4 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

corona.filelinkdown.xyz Open in urlscan Pro
162.215.252.35 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

84 %
HTTPS

17 %
IPv6

23
Domains

30
Subdomains

20
IPs

10
Countries

399 kB
Transfer

1031 kB
Size

3
Cookies

45 HTTP transactions
0 data transactions