uhgy.v5-amironetwork.site Open in urlscan Pro
185.143.234.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uhgy.v5-amironetwork.site/
Submission: On June 03 via api (June 3rd 2023, 8:22:36 am UTC) from US — Scanned from US

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 18 domains to perform 73 HTTP transactions. The main IP is 185.143.234.122, located in Iran, Islamic Republic Of and belongs to ARVANCLOUD-CDN-, IR. The main domain is uhgy.v5-amironetwork.site.
TLS certificate: Issued by R3 on March 28th 2023. Valid for: 3 months.

This is the only time uhgy.v5-amironetwork.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.143.234.122 185.143.234.122	205585 (ARVANCLOU...) (ARVANCLOUD-CDN-)
10	207.38.103.240 207.38.103.240	5693 (DATABANK-...) (DATABANK-LATISYS)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2 5	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:ddb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 21	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.5.231.217 23.5.231.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.12.14 104.18.12.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:ae80:145... 2606:ae80:1451:18::1780	25751 (VALUECLICK) (VALUECLICK)
1 1	23.197.21.62 23.197.21.62	() ()
1	69.173.151.100 69.173.151.100	() ()
1 1	142.251.35.162 142.251.35.162	() ()
1	3.85.179.105 3.85.179.105	() ()
73	17

1 185.143.234.122 (Iran, Islamic Republic Of)

ASN205585 (ARVANCLOUD-CDN-, IR)

uhgy.v5-amironetwork.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 207.38.103.240 (Stanton, United States)

ASN5693 (DATABANK-LATISYS, US)

translation2.paralink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:808::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80a::2002 (Flushing, United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:ddb (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.5.231.217 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-231-217.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.14 (None, )

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:18::1780 (United States)

ASN25751 (VALUECLICK, US)

direct.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.21.62 (None, ) 1 redirects

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.162 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.85.179.105 (None, )

ASN- ()

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tribalfusion.com 2 redirects s.tribalfusion.com — Cisco Umbrella Rank: 2005 a4.tribalfusion.com — Cisco Umbrella Rank: 27863 a.tribalfusion.com Failed	15 KB
10	paralink.com translation2.paralink.com — Cisco Umbrella Rank: 888949	49 KB
6	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net	6 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	478 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 103	743 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	94 KB
2	dotomi.com direct.ad.cpe.dotomi.com — Cisco Umbrella Rank: 16402 cookie.sync.ad.cpe.dotomi.com Failed	2 KB
2	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1290	8 KB
2	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 13804	28 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 14602 c.statcounter.com — Cisco Umbrella Rank: 9868	15 KB
1	krxd.net beacon.krxd.net	338 B
1	rubiconproject.com pixel.rubiconproject.com	764 B
1	bluekai.com 1 redirects tags.bluekai.com	472 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	611 B
1	v5-amironetwork.site uhgy.v5-amironetwork.site	9 KB
0	dmxleo.com Failed public-prod-dspcookiematching.dmxleo.com Failed
0	pubmatic.com Failed simage2.pubmatic.com Failed
73	18

	Domain	Requested by
17	s.tribalfusion.com	tags.expo9.exponential.com translation2.paralink.com
10	translation2.paralink.com	uhgy.v5-amironetwork.site translation2.paralink.com pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	uhgy.v5-amironetwork.site pagead2.googlesyndication.com direct.ad.cpe.dotomi.com
5	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	a.tribalfusion.com	s.tribalfusion.com
3	adservice.google.com	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	uhgy.v5-amironetwork.site www.googletagmanager.com
2	direct.ad.cpe.dotomi.com	secure.cdn.fastclick.net
2	a4.tribalfusion.com	translation2.paralink.com
2	secure.cdn.fastclick.net	s.tribalfusion.com
2	tags.expo9.exponential.com	translation2.paralink.com
1	beacon.krxd.net	s.tribalfusion.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	s.tribalfusion.com
1	tags.bluekai.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	uhgy.v5-amironetwork.site
1	uhgy.v5-amironetwork.site
0	public-prod-dspcookiematching.dmxleo.com Failed	s.tribalfusion.com
0	simage2.pubmatic.com Failed	s.tribalfusion.com
0	cookie.sync.ad.cpe.dotomi.com Failed	secure.cdn.fastclick.net
73	23

This site contains no links.

Subject Issuer	Validity	Valid
*.v5-amironetwork.site R3	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.smartlinkcorp.com R3	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://uhgy.v5-amironetwork.site/
Frame ID: F3B4BE4921A7CD6F22C1E9CE2C5B4205
Requests: 21 HTTP requests in this frame

Frame: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Frame ID: 7E2BB319E9245082B6C44128F4B8652F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=60&slotname=9482378846&adk=2700236837&adf=111965227&pi=t.ma~as.9482378846&w=468&lmt=1685780541&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780540061&bpp=91&bdt=664&idt=988&shv=r20230531&mjsv=m202305310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3835126996&correlator=2545124872431&frm=20&pv=2&ga_vid=358966422.1685780541&ga_sid=1685780541&ga_hid=2015430318&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=135&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074990%2C31075004%2C44785294%2C44788441&oid=2&pvsid=1084791093110873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OtqmKiM3m7&p=https%3A//uhgy.v5-amironetwork.site&dtd=1046
Frame ID: 2C46C558C1CA279565D802BC95DFDA0F
Requests: 1 HTTP requests in this frame

Frame: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Frame ID: 8B78F98B11442EC210C604931C119B6F
Requests: 11 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a0mW0LpdEx36YR3cvcVsFaUcJlPA3OTdM3Urf23bAuUaQmWTQlPTMZcRs3BPbumPWfcWGr54bevmtit0qmu2HfFPcFB26vHmtayUdQcYrfa1Ube0qZamPrrZbUbBXTtYYoFfxPrjr1EMs3TZbl2qY1naMBXF7dUtB0n6QBnV7mmHnJ3qZbi5tEm4mZbIpbQEYsM0XsM5XsFxmanQ3UJSTFnZcUA7TPrB0ScZaXq9evypiXTdEuv9aG282dprjXxBPmorX8PaQERZcMMAF&mediaDataID=6546596&mediaName=frame.html
Frame ID: 2E4E42C7F4BD330A43CE14BA9F7E8C85
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a1mWRK3A7ZdprMLXsbQXsr5XGBMmarU2FM2VFbCWAMTRTYXPcUMPtfN0WrxVPbw4cJ5XF3DTPau4AU6R6bB2tBr1tnZbptPo3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSVfBQbumRWMiVGM54Uyvnt6m0qyy3H3EPsMB56JZbmdAyTHQ60b3kXF7lXTaoSFJCUrB3Wd3TnFJqRFJs1qvy3TUa2a7Ytq7I1mmHqpZayPbfB3S24V8QoZcB79i9&mediaDataID=5578346&mediaName=frame.html
Frame ID: 922061EB9E07F9F51EDEEB29A8058A50
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a2mVwBmdArVWJ7XF3iXrQgXaasSUMBWbvSVt31mrZbxRFJtXE3y4Tfl5EjQmaMB1b39UWjXm67DnVvomHnC3aBh2WAp3PnGpbYEYsfWXsF2XGjvnqjT3rv2VrnFUAn0Rq3QQGUsStjOYt7pTm3w3GB2YbvZbTAPu5mrePmMA4WUO0dBZbpdIN5mQU5sYgUV3jVsFhP6vuTWZbRUrn55b2uUqjvVbjaSTA6sCiZctnjYPAqLsD2lwPeAXdrHZds&mediaDataID=2713736&mediaName=frame.html
Frame ID: 2E754D8DA9BA4416201D95306D12FA1F
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a3mWCZc36YP3sr6TsMaVGBhPPnnTHQRTFFP3bIqWqnvTErcPTYFRVjJQUqwRW7bUGjU4UmxmHyMXamx4dMEQcvG5PvLoWEyVHjhYUf9XFYfXaIsSrnDUrMSVHJ2orBrRbZbNYa3t3Tjk2avYoEFBXFU6TtJVmmUDmcYwoWfD5EU73Hmp3AZbKnbjIYs30XVQV1VBupaFT2bZbSVFMBUA7TREbQQWfsStTPN9EqnamS4m21ymafrFbR0d2ZatbyevGPduCaeMTAJX6Q1pk&mediaDataID=6719746&mediaName=frame.html
Frame ID: 85809FBA56E4FB64C8198EC5A441079E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a4mW0LprMZb0GnQ1s350GfupTZbS2UnVWFJZcWArXPEvQSsnqPtZbr0tFpWAfm2cB20FFJT6yw4mFgPmbC4WUq0tZbKmHiN5PYY3cQgUVJ6VsMePPvvUtQRTrBP3U2pUqMtTanlQqYZcQVfIRr6oPWYbVcbV5rTrmWIMYTPp2tbFSGjZa4AJKmdioTWZbfXb3kXbZb91qZaqPUrHTbJ2VtFXorQxRUrNYr7t3TTBxm24WPee1o2ZamoE1qtubVD6XWVqQOQeJQEiFTF1eaa&mediaDataID=6530936&mediaName=frame.html
Frame ID: 55DB22CDB1FF26EA3A6E4E94A3626A2A
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a5mW8ZaVWJ80bnbXrQe0a6qPbMCWFv1WHnWmrFtPUfN1Tvr4TZba5a3YnqnLYFU6WWrRmPvBncfuoWnB5EUg3Wyq46JKnFnE0VU0XVF11VvxpTf22UQRVbZbZcWm75REr5SVrMQWZbNYtBoT6Mu4cv2YbZbKUAXq46ngQAFK2HZbrXWYAnW2O36rQ4G36TcMjVVf8SAMxWWvWTFr53bPtUqjvTTJlQbbZcQVPdr7FrrDqZaUQymwQMaYGfHOnJSwo3avCyfwpUy0omNwg&mediaDataID=6347136&mediaName=frame.html
Frame ID: 82C2E0CFE0E8A6D66329491E8B458837
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a6mWgZb3sr9VcQbWcFlSAJxWdMPUbjY2rauWqvrVTUlSEMZaRVJCQrEoSdjlWcbV2UenmtaOXT6n2tMHSGjH4PFZbpHemTdBh0rUkXbYk1qqtPbYBUrrYVdrWmFQmRUbm1qMy5qZbl2aYXoTbD1bj6TtMQnm3Zdns3updQJ3TZbh5teN5mvLpr3LXG3UYGnV1sjnmEBW5bvVWrvBWAj1REbQScZbMQGnNYtu3pqXOxoTr0SXZbmUbRvUfDyb2kwREQ47PCVCZaJ52hHZbT&mediaDataID=5436426&mediaName=frame.html
Frame ID: 0862DBFA2DFD4C580F0140ED9E5C1685
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a7mWgZb0GnS1c35XVfypErW5UrPTUFAWPYTPEn3QcQMSdfy0t7uW6Yu3VZbVXbZbKV6am4A3ePArI2HUtXWYLnHPu4AnU5GQgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTY7SavFSsJJRrApPHvdUG3V5r6onWAnXETn3H3ZdQVrG2mQHoWXnVW7cYFQ71Fj91T6MSrnEWbMYWHBXmr3qRUrN1EFy5bnl2a6tUAAENnAJWAXsQTuZcURrQ4CIjxBEZdYB7yubfM1bfDaH&mediaDataID=7665496&mediaName=frame.html
Frame ID: 801E9D3B62B7F808BBDE374842EA6019
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mW8Za0bnd1UBi1EanPUQEWUYYWHY0mr3rRUbtXEUt3T3h4EQXoTZbHYF7gWt7Xm67DnVvomHML5TUh3tmq5mjFnbQIYGrT1cZbYXGFnmqB43FFSWbvHUmU1REnRPcBnSdYr0tfmWmUO4sQ10brDTPqn2Pr8R6bB4Hrs1dBJmWey5PM14VUgTsJdUcb8R6FOWd3WTF7R3berUqQmTTn7QqZbKSGjAQFewSt7iUVb52Fy4mWqOOQQyM8EGtGqWosYZdoqEHEuRRk6&mediaDataID=11409366&mediaName=frame.html
Frame ID: E125CE4761E66C39FFDF43CD5D8C362F
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acmX1pUcbhPP3wTH3RWbfY5bTnVE3nWTnlQTUJSVZbCRbEmSHviVVYT5biumWqs0a6v2trZdQcMZc46QZdmdAtTt37YFYiXFJ9XqIMSUJATFBYTtrXoFFoRbJNYqFt3TFg2TYRmqbD1rj9WHbSoPQIms7ppt3H3qn92WIN5PvZaprMEXsfW1cZb21sronqZb42bQ2WUJHUm34Qqj4QcBoStUrYtvuVQBu4sAmMBmZdpqv02V29taB7nDAWy8XbT8aYpb6MvpaEPPXlmDjYAblowi&mediaDataID=9148826&mediaName=frame.html
Frame ID: 7F9613DE1AF895D82E54C36D3238C767
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=admV8EXG7upT7U3U35TrFHUA32PaUSPcrMQtBv1tbuTmYw3sYUYUnIUP6v46Zb7RmrA2H3O0tJCntEw36YR5V76UGvlVsB8PAvoTWFPTbM05bZanVabpWqrlQaBZcQVBZaRFAvRdvdUV3U2FumotZasYEew3WQBQsJZc5PnHotXsVWJhXUf91Ube1qArPrMZbTbUSWdn4oFjnQbMnYEJp3TUa2a7RmbYD1rTZamSATWEy7pBP4UCXkuUP1uByF1fh7iZb&mediaDataID=4056396&mediaName=frame.html
Frame ID: 6D1E348D2F1D334FEFF1772C15828593
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aemXLtXaiqPbQEWFQ5VdM4or3nQrJqXqMy5TBe4aMRoEBBXrZbfTHBSn6bCnV7pmW7D3T373Wuy5P7ZcprMZdXcbPXGrT1VBnpEF42bFQWUnEUA32PqY4QGnMQHUNYtfsTP3p2VY40UrJVmqn2Ar7QPMD3dvn0dMCmHao5mBS3srgTVJ6UcnfRPZbyTHn3TFfP2ranUEQpWaB6QTZbKQVQCRruvRsFdUVawxQ3tW9750pUYwoIZbsSTDube83DJ4nR2a2RuKNPXBOrfbmmibYc3es0ZdH7r&mediaDataID=8039566&mediaName=frame.html
Frame ID: 976A8FC5F17EA6BEE4DF9C03A0B35D04
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=afmUCkPP3xWd3WUUJ12banUqYxWaBaQEvFSVFZcPravPW3bVVM55F2mnHuyXEew4tjFQVbZa4PBFotAqVWJ6XFbaXrf71qAMPrrZbTbB4WdJ3orjmQUbpXqvy5aUl2an2oaFIYUZb8WHFRoAnKpVYpptfA2qvl3HZay46BGnbbZc0Gn0YVF1XGZbonaJQ2rn2WrbZcVPY3RqY1PVFoQtYwYtvuT6bp2Hb40UZacnaQsvTXIRdyDMDBEWWwNXB&mediaDataID=6807466&mediaName=frame.html
Frame ID: 6745825E88E9FE6D26D4D959FDDEF384
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: C046C34FD038264F086390FC08F728D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=280&slotname=9768875965&adk=119334486&adf=3965729264&pi=t.ma~as.9768875965&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780543587&bpp=7&bdt=1239&idt=791&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=3351807344251&frm=24&ife=1&pv=2&ga_vid=2139838798.1685780544&ga_sid=1685780544&ga_hid=1861089368&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=483911688&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C44788441%2C21065724&oid=2&pvsid=2848423949487195&tmod=1927934151&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.aprtpp4m1ul9&fsb=1&dtd=875
Frame ID: 8E84928BC05E98F2CF447464699A1931
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=250&slotname=9692205016&adk=2440500830&adf=3965729262&pi=t.ma~as.9692205016&w=300&format=300x250&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780544302&bpp=10&bdt=1950&idt=246&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=2923761793953&frm=24&ife=1&pv=2&ga_vid=712592041.1685780545&ga_sid=1685780545&ga_hid=134272012&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3123616527&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31071756%2C31074199%2C44788441%2C44793498&oid=2&pvsid=4392376526608583&tmod=1408234999&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.goulys38htqt&fsb=1&dtd=314
Frame ID: 3CB18BD462791305546A0C16BA0C752F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

73
Requests

78 %
HTTPS

50 %
IPv6

18
Domains

23
Subdomains

17
IPs

3
Countries

725 kB
Transfer

2014 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=90&slotname=3835126996&adk=694708807&adf=192984970&pi=t.ma~as.3835126996&w=728&lmt=1685780540&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780539915&bpp=114&bdt=518&idt=972&shv=r20230531&mjsv=m202305310101&ptt=5&saldr=sa&abxe=1&correlator=2545124872431&frm=20&pv=2&ga_vid=358966422.1685780541&ga_sid=1685780541&ga_hid=2015430318&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=103&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074990%2C31075004%2C44785294%2C44788441&oid=2&pvsid=1084791093110873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aGjXrMgej5&p=https%3A//uhgy.v5-amironetwork.site&dtd=1108 HTTP 302
https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp

Request Chain 22

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=250&slotname=8684128999&adk=420014537&adf=3304480808&pi=t.ma~as.8684128999&w=300&lmt=1685780541&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780540197&bpp=75&bdt=800&idt=919&shv=r20230531&mjsv=m202305310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3835126996%2C9482378846&correlator=2545124872431&frm=20&pv=1&ga_vid=358966422.1685780541&ga_sid=1685780541&ga_hid=2015430318&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074990%2C31075004%2C44785294%2C44788441&oid=2&pvsid=1084791093110873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1X027zzk6S&p=https%3A//uhgy.v5-amironetwork.site&dtd=961 HTTP 302
https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp

Request Chain 54

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=87828728312791226411281760687402573006

Request Chain 55

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662100083556765%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662100083556765%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662100083556765&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D

Request Chain 56

https://tags.bluekai.com/site/4229?id=18072662100083556765&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662100083556765&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662100083556765&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=ZHr4QEd.XBiuizjQicI-pAAA

Request Chain 58

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=d8b6f461-b5b6-453f-80ed-88877445ccf8

Request Chain 59

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100083556765&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100083556765&_origin=1&redir=true&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=y-zmenlEtE2ugq9f5S8TNtrHWMB.IqMk4-~A

Request Chain 60

https://a.tribalfusion.com/i.match?p=b10&u=18072662100083556765&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100083556765&expires=180

Request Chain 62

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662100083556765 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=213180604536004219434

Request Chain 63

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=c4d38873-01e7-11ee-931a-1aefacef0403 HTTP 302
https://a.tribalfusion.com/i.match?p=b19&u=c4d3881d-01e7-11ee-931a-1aefacef0403

Request Chain 64

https://thrtle.com/insync?vxii_pid=10078&vxii_pdid=18072662100083556765&vxii_r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db31%26u%3D%24%7Btid%7D HTTP 302
https://thrtle.com/insync?vxii_pdid=18072662100083556765&vxii_pid=12&vxii_pid1=10078&vxii_r1=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db31%26u%3D%24%7Btid%7D&vxii_rcid=5a396d38-e992-429a-aaa7-9bda8c4f3adc HTTP 302
https://a.tribalfusion.com/i.match?p=b31&u=5a396d38-e992-429a-aaa7-9bda8c4f3adc

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662100083556765 HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEONSkOOXlkvhAr34MsA00Ho&google_cver=1&google_ula=2786954,0

Request Chain 66

https://a.tribalfusion.com/i.match?p=b22&u=18072662100083556765&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100083556765

Request Chain 67

https://a.tribalfusion.com/i.match?p=b24&u=18072662100083556765&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100083556765

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uhgy.v5-amironetwork.site/ 49 KB
9 KB 2144ms
953ms Document
text/html 185.143.234.122
ARVANCLOUD-CDN-

General

Check archive.org

Show headers Download Go to

Full URL

https://uhgy.v5-amironetwork.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR),

Reverse DNS

Software

ArvanCloud / ASP.NET

Resource Hash

92f5bbf071461322a478e811a172def984d73be81483f811078604061cf0dbbc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: br
content-type: text/html
date: Sat, 03 Jun 2023 08:22:19 GMT
server: ArvanCloud
server-timing: total;dur=785
vary: Accept-Encoding
x-cache: BYPASS
x-powered-by: ASP.NET
x-request-id: 0759d3fa61d1868d71887775fd31c97d
x-sid: 4102
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK styles.css
translation2.paralink.com/css/ 13 KB
13 KB 409ms
103ms Stylesheet
text/css 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to

Full URL: https://translation2.paralink.com/css/styles.css?v=1.4
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: 85333a5c85f48ba8562864ee65c09fc66b27bf84f93ee5e211d4037b5d4cbe49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:19 GMT
Last-Modified: Sat, 22 Apr 2023 18:56:00 GMT
Server: Microsoft-IIS/6.0
ETag: "0e023144c75d91:ae6b3"
X-Powered-By: ASP.NET
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12807

GET
H/1.1 200
OK scripts.js Show response
translation2.paralink.com/js/ 25 KB
25 KB 412ms
106ms Script
application/x-javascript 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to

Full URL: https://translation2.paralink.com/js/scripts.js?v=1.4
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: cb82756945488e584e6b5491e0496f2e89b883be641659ce2810e776de55db84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:19 GMT
Last-Modified: Sat, 22 Apr 2023 18:58:00 GMT
Server: Microsoft-IIS/6.0
ETag: "06caa5b4c75d91:83885"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 25319

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
48 KB 276ms
61ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93979-3

Requested by

Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e74e1190bd1d9b49725d39022c8f5b7ae2b23745603a146617c2f297f0b4f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 08:22:20 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
32 KB 176ms
69ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c52d2bf0d1cafbfa2bebe2ce95926c9df75068010f5e677d6376b71bbe090388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32381
x-xss-protection: 0
server: cafe
etag: 17042692365612527120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 08:22:19 GMT

GET
H/1.1 200
OK Support-Our-Development-Ko.png
translation2.paralink.com/img/ 3 KB
3 KB 122ms
98ms Image
image/png 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://translation2.paralink.com/img/Support-Our-Development-Ko.png
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: 14ca4f15c5e4303ffc5f603d34a2111202466af56d0eb54f8d27bc17685a9d98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:19 GMT
Last-Modified: Sat, 22 Apr 2023 18:57:00 GMT
Server: Microsoft-IIS/6.0
ETag: "026e7374c75d91:83885"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2667

GET
H/1.1 200
OK ImT-logo.gif
translation2.paralink.com/img/ 752 B
1 KB 119ms
95ms Image
image/gif 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://translation2.paralink.com/img/ImT-logo.gif
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: f49a95f1bd2919438a04dd4bb7257f5467acf0bbe6ec109701a4683be4d68e28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:19 GMT
Last-Modified: Sat, 22 Apr 2023 18:57:00 GMT
Server: Microsoft-IIS/6.0
ETag: "026e7374c75d91:ae6b3"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 752

GET
H/1.1 200
OK box.gif
translation2.paralink.com/img/ 1 KB
1 KB 217ms
89ms Image
image/gif 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://translation2.paralink.com/img/box.gif
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: cb524103f938b9db7f4d6ccf41250cd22458f1dfb83701231f018c9f20fea5be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:19 GMT
Last-Modified: Sat, 22 Apr 2023 18:57:00 GMT
Server: Microsoft-IIS/6.0
ETag: "026e7374c75d91:ae6b3"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1024

GET
H/1.1 200
OK speaker.gif
translation2.paralink.com/img/ 2 KB
2 KB 220ms
92ms Image
image/gif 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://translation2.paralink.com/img/speaker.gif
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: 4db411de619cc7d9410fef1f170f1ca80d56560fe9ab64820cb386adc462a65b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:20 GMT
Last-Modified: Sat, 22 Apr 2023 18:57:00 GMT
Server: Microsoft-IIS/6.0
ETag: "026e7374c75d91:83885"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1774

GET
H/1.1 200
OK ImT-logo-big.gif
translation2.paralink.com/img/ 1 KB
1 KB 284ms
88ms Image
image/gif 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://translation2.paralink.com/img/ImT-logo-big.gif
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: 26676486e16da3a08f2deae4f3838148491e0b9cb206d7bc20c17d05b2135f9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:20 GMT
Last-Modified: Sat, 22 Apr 2023 18:57:00 GMT
Server: Microsoft-IIS/6.0
ETag: "026e7374c75d91:ae6b3"
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1099

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 44 KB
15 KB 177ms
45ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: uhgy.v5-amironetwork.site
URL: https://uhgy.v5-amironetwork.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 12:58:19 GMT
server: cloudflare
age: 15251
etag: W/"6479e76b-ae4f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7d1687176d2f62fd-ORD
expires: Sat, 03 Jun 2023 16:08:09 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/ 351 KB
118 KB 533ms
491ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js?bust=31075004

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a6f82d6abd21816f9dc7a9f3013a6b043717b8be9df68379d61df3fa79385b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120630
x-xss-protection: 0
server: cafe
etag: 2901468183903319123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 08:22:20 GMT

GET
H/1.1 200
OK t2-set.png
translation2.paralink.com/img/ 965 B
1 KB 99ms
89ms Image
image/png 207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://translation2.paralink.com/img/t2-set.png
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/css/styles.css?v=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: dd105974ecac0027e187ae1ca2cc3aa4d0ec1d688fb0b2ac26794b46822678f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/css/styles.css?v=1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 08:22:20 GMT
Last-Modified: Sat, 22 Apr 2023 18:57:00 GMT
Server: Microsoft-IIS/6.0
ETag: "026e7374c75d91:83885"
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 965

GET
H2 404 js
www.googletagmanager.com/gtag/ 0
0 62ms
60ms Script
text/html 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93979-3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 150ms
45ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93979-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 08:11:08 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 672
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 10:11:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 64ms
63ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93979-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c34d70a3ec2c6e066c05181789c182adab435fc197a8c5199e9262e8f4b51b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 08:22:20 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 193 B
478 B 134ms
109ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=1124078&u1=FD548B3DD2574F179EDB6EA969FE7B71&java=1&security=835b2414&sc_snum=1&sess=c61bc8&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//uhgy.v5-amironetwork.site/&t=Free%20Translation%20Online&invisible=1&sc_rum_e_s=3103&sc_rum_e_e=3128&sc_rum_f_s=0&sc_rum_f_e=2859&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62edd4d137ec20dfecec1bc8b0baade5c633956bd1cff9db4f4614e7085f425

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://uhgy.v5-amironetwork.site
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 7d1687199dfa62fd-ORD
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
213 B 68ms
66ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2015430318&t=pageview&_s=1&dl=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ul=en-us&de=UTF-8&dt=Free%20Translation%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1271488275&gjid=1097335268&cid=358966422.1685780541&tid=UA-93979-3&_gid=986792763.1685780541&_r=1&gtm=457e35v0&jsscut=1&z=1074079681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uhgy.v5-amironetwork.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uhgy.v5-amironetwork.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 74ms
73ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2015430318&t=pageview&_s=1&dl=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ul=en-us&de=UTF-8&dt=Free%20Translation%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1548424856&gjid=1709551097&cid=358966422.1685780541&tid=UA-93979-13&_gid=986792763.1685780541&_r=1&gtm=457e35v0&jsscut=1&z=272569162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uhgy.v5-amironetwork.site/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uhgy.v5-amironetwork.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 407 B
611 B 1078ms
58ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=uhgy.v5-amironetwork.site&callback=_gfp_s_&client=ca-pub-5683423891543025

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js?bust=31075004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c8af4f9cc3d75bb08efe7fc924fb295bf9cd053574565bc4ea667dbb60efe94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 1057ms
59ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=uhgy.v5-amironetwork.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js?bust=31075004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://uhgy.v5-amironetwork.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

TF_PROMTOnline_ROSB_728x90.asp Show response
translation2.paralink.com/BANNERS/Ad_networks/TF/ Frame 7E2B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=90&slotname=3835126996&adk=694708807&adf=192984970&pi=t.ma~as.3835126996&w=728&lmt=1685780540&url=https%3...
https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp

262 B
560 B

98ms
89ms

Document
text/html

207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to

Full URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js?bust=31075004
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: bee43429a2bfeecd51d6e8cd109936eb2131580c631fa7110d71b9e2fec24a09

Request headers

Referer: https://uhgy.v5-amironetwork.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-control: private
Connection: Keep-Alive
Content-Length: 262
Content-Type: text/html
Date: Sat, 03 Jun 2023 08:22:22 GMT
Keep-Alive: timeout=5, max=99
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 08:22:22 GMT
location: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C46 603 B
507 B 187ms
77ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=60&slotname=9482378846&adk=2700236837&adf=111965227&pi=t.ma~as.9482378846&w=468&lmt=1685780541&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780540061&bpp=91&bdt=664&idt=988&shv=r20230531&mjsv=m202305310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3835126996&correlator=2545124872431&frm=20&pv=2&ga_vid=358966422.1685780541&ga_sid=1685780541&ga_hid=2015430318&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=135&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074990%2C31075004%2C44785294%2C44788441&oid=2&pvsid=1084791093110873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OtqmKiM3m7&p=https%3A//uhgy.v5-amironetwork.site&dtd=1046

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js?bust=31075004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uhgy.v5-amironetwork.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 08:22:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

TF_PROMTOnline_ROSB_300x250.asp Show response
translation2.paralink.com/BANNERS/Ad_networks/TF/ Frame 8B78
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=250&slotname=8684128999&adk=420014537&adf=3304480808&pi=t.ma~as.8684128999&w=300&lmt=1685780541&url=https...
https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp

264 B
562 B

88ms
88ms

Document
text/html

207.38.103.240
DATABANK-LATISYS

General

Check archive.org

Show headers Download Go to

Full URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305310101/show_ads_impl_fy2021.js?bust=31075004
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US),
Reverse DNS
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: 7550f8b99af7bb456f19ae659dd656fba05043249af4c7bc7b2e95b0877de1b1

Request headers

Referer: https://uhgy.v5-amironetwork.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-control: private
Connection: Keep-Alive
Content-Length: 264
Content-Type: text/html
Date: Sat, 03 Jun 2023 08:22:22 GMT
Keep-Alive: timeout=5, max=99
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 08:22:22 GMT
location: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PROMTOnline/ROSB/ Frame 7E2B 59 KB
14 KB 233ms
86ms Script
application/x-javascript 2606:4700::6812:ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32236f4e4ebe13869662dbf2486d46a3641243877b406561b5029890ca337f05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14134
x-function: 151
last-modified: Fri, 17 Feb 2023 18:05:21 GMT
server: cloudflare
x-reuse-index: 63
etag: 8129062082745509459
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7d168726ba4c2c4c-ORD
expires: Sat, 03 Jun 2023 09:22:22 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/PROMTOnline/ROSB/ Frame 8B78 59 KB
14 KB 466ms
321ms Script
application/x-javascript 2606:4700::6812:ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32236f4e4ebe13869662dbf2486d46a3641243877b406561b5029890ca337f05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14134
x-function: 151
last-modified: Fri, 17 Feb 2023 18:05:21 GMT
server: cloudflare
x-reuse-index: 1
etag: 8129062082745509459
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7d168726ba4e2c4c-ORD
expires: Sat, 03 Jun 2023 09:22:22 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 7E2B 677 B
869 B 179ms
80ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7109505338
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c0a947c28928b20790b41fec49a66111cf4abcbf676469c0ec8c02bd1557c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Fri, 17 Feb 2023 18:04:49 GMT
server: cloudflare
x-reuse-index: 1586
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7d1687280dc1111e-ORD
alt-svc: h3=":443"; ma=86400
content-length: 330
expires: Fri, 01 Sep 2023 08:22:22 GMT

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame 7E2B 6 KB
3 KB 85ms
84ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=1143392997&site=promtonline&adSpace=rosb&center=1&size=728x90&env=display&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=463892&tKey=ahmneMSrnEWbMYWHBXmr3q2cfFP4HvKK&a=1&adContainerId=richmedia_2&rnd=459528
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db02176e0887dcc0ae98f0a6a6485360b2761b2f6822e14c41e617ab3e91c0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 889
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7d1687289e92111e-ORD
alt-svc: h3=":443"; ma=86400
content-length: 2542
expires: 0

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 8B78 677 B
657 B 87ms
86ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7109505338
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5901ee5ed7a580563bd323dfb3642d98f416df1b7b7f776c4219ba79fc72a9b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Fri, 17 Feb 2023 18:04:49 GMT
server: cloudflare
x-reuse-index: 1592
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7d168728ceaa111e-ORD
alt-svc: h3=":443"; ma=86400
content-length: 329
expires: Fri, 01 Sep 2023 08:22:22 GMT

GET
H2 200 pubcode.min.js Show response
secure.cdn.fastclick.net/js/adcodes/ Frame 7E2B 10 KB
4 KB 244ms
47ms Script
application/javascript 23.5.231.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8&version=1.4&exc=1
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=1143392997&site=promtonline&adSpace=rosb&center=1&size=728x90&env=display&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=463892&tKey=ahmneMSrnEWbMYWHBXmr3q2cfFP4HvKK&a=1&adContainerId=richmedia_2&rnd=459528
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.231.217 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-231-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 22:08:18 GMT
server: Apache
etag: "269f-5a7c214d0c865-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3788

GET
H2 200 ipg
a4.tribalfusion.com/ Frame 7E2B 43 B
291 B 191ms
97ms Image
image/gif 104.18.12.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2602:ffc8:1:1::3&kv=%7B%22ord%22%3A%201028167694%2C%20%22clientID%22%3A%20223253%7D
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d168729b87b8133-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 j.ad Show response
s.tribalfusion.com/ Frame 8B78 3 KB
2 KB 87ms
86ms Script
application/x-javascript 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=1143392997&site=promtonline&adSpace=rosb&center=1&size=300x250&env=display&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=464735&tKey=awmneM5UXooWIrYE6y2dfA3rftP4HeHW&a=1&adContainerId=richmedia_2&rnd=461452
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626b99f729fa948c361495aa5aea71d0e79575f4ca76ca897440592189a80cc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 778
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7d1687295bdb86f8-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1492
expires: 0

GET
H2 200 pubcode.min.js Show response
secure.cdn.fastclick.net/js/adcodes/ Frame 8B78 10 KB
4 KB 121ms
47ms Script
application/javascript 23.5.231.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619&version=1.4&exc=1
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=1143392997&site=promtonline&adSpace=rosb&center=1&size=300x250&env=display&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=464735&tKey=awmneM5UXooWIrYE6y2dfA3rftP4HeHW&a=1&adContainerId=richmedia_2&rnd=461452
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.231.217 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-231-217.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 22:08:18 GMT
server: Apache
etag: "269f-5a7c214d0c865-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3788

GET
H2 200 ipg
a4.tribalfusion.com/ Frame 8B78 43 B
101 B 80ms
79ms Image
image/gif 104.18.12.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4.tribalfusion.com/ipg?ip6=2602:ffc8:1:1::3&kv=%7B%22ord%22%3A%201028167952%2C%20%22clientID%22%3A%20223253%7D
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d168729e88e8133-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.media Show response
direct.ad.cpe.dotomi.com/w/ Frame 7E2B 598 B
824 B 178ms
42ms Script
text/html 2606:ae80:1451:18::1780
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.6897554566073101&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8&version=1.4&exc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:18::1780 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: ba585fe0ef95be5c7c0f9f7f8546f4aaae809c775bd092f2318a52549fe7106b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: text/html
pragma: no-cache
date: Sat, 03 Jun 2023 08:22:23 GMT
cache-control: no-cache
server: nginx
content-length: 598
expires: 0

GET cookie_sync
cookie.sync.ad.cpe.dotomi.com/w/ Frame 7E2B 0
0

GET
H2 200 get.media Show response
direct.ad.cpe.dotomi.com/w/ Frame 8B78 518 B
743 B 170ms
47ms Script
text/html 2606:ae80:1451:18::1780
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.7706735225649453&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619&version=1.4&exc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:18::1780 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: aa4e75cbcc0e6fc23100bcdf12e6f99d0b7f5ee3fd8b0542cf3bd9b7b4c2a288

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: text/html
pragma: no-cache
date: Sat, 03 Jun 2023 08:22:23 GMT
cache-control: no-cache
server: nginx
content-length: 518
expires: 0

GET cookie_sync
cookie.sync.ad.cpe.dotomi.com/w/ Frame 8B78 0
0

GET
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7E2B 136 KB
46 KB 75ms
73ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: direct.ad.cpe.dotomi.com
URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.6897554566073101&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47355
x-xss-protection: 0
server: cafe
etag: 5143471701908949658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 08:22:23 GMT

GET
H3 200 p.media
s.tribalfusion.com/ Frame 2E4E 381 B
538 B 126ms
125ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a0mW0LpdEx36YR3cvcVsFaUcJlPA3OTdM3Urf23bAuUaQmWTQlPTMZcRs3BPbumPWfcWGr54bevmtit0qmu2HfFPcFB26vHmtayUdQcYrfa1Ube0qZamPrrZbUbBXTtYYoFfxPrjr1EMs3TZbl2qY1naMBXF7dUtB0n6QBnV7mmHnJ3qZbi5tEm4mZbIpbQEYsM0XsM5XsFxmanQ3UJSTFnZcUA7TPrB0ScZaXq9evypiXTdEuv9aG282dprjXxBPmorX8PaQERZcMMAF&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872bfd9f86f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 71

GET
H3 200 p.media
s.tribalfusion.com/ Frame 9220 264 B
473 B 114ms
113ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a1mWRK3A7ZdprMLXsbQXsr5XGBMmarU2FM2VFbCWAMTRTYXPcUMPtfN0WrxVPbw4cJ5XF3DTPau4AU6R6bB2tBr1tnZbptPo3mMY4GjdUsJdUcjkSPvxUdv3UUn25UiwUEjrVTY7PTnFSVfBQbumRWMiVGM54Uyvnt6m0qyy3H3EPsMB56JZbmdAyTHQ60b3kXF7lXTaoSFJCUrB3Wd3TnFJqRFJs1qvy3TUa2a7Ytq7I1mmHqpZayPbfB3S24V8QoZcB79i9&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872bfda086f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 73

GET
H3 200 p.media
s.tribalfusion.com/ Frame 2E75 259 B
471 B 111ms
110ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a2mVwBmdArVWJ7XF3iXrQgXaasSUMBWbvSVt31mrZbxRFJtXE3y4Tfl5EjQmaMB1b39UWjXm67DnVvomHnC3aBh2WAp3PnGpbYEYsfWXsF2XGjvnqjT3rv2VrnFUAn0Rq3QQGUsStjOYt7pTm3w3GB2YbvZbTAPu5mrePmMA4WUO0dBZbpdIN5mQU5sYgUV3jVsFhP6vuTWZbRUrn55b2uUqjvVbjaSTA6sCiZctnjYPAqLsD2lwPeAXdrHZds&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872bfda786f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 62

GET
H3 200 p.media
s.tribalfusion.com/ Frame 8580 447 B
568 B 109ms
108ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a3mWCZc36YP3sr6TsMaVGBhPPnnTHQRTFFP3bIqWqnvTErcPTYFRVjJQUqwRW7bUGjU4UmxmHyMXamx4dMEQcvG5PvLoWEyVHjhYUf9XFYfXaIsSrnDUrMSVHJ2orBrRbZbNYa3t3Tjk2avYoEFBXFU6TtJVmmUDmcYwoWfD5EU73Hmp3AZbKnbjIYs30XVQV1VBupaFT2bZbSVFMBUA7TREbQQWfsStTPN9EqnamS4m21ymafrFbR0d2ZatbyevGPduCaeMTAJX6Q1pk&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872bfda886f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 72

GET
H3 200 p.media
s.tribalfusion.com/ Frame 55DB 275 B
478 B 119ms
118ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a4mW0LprMZb0GnQ1s350GfupTZbS2UnVWFJZcWArXPEvQSsnqPtZbr0tFpWAfm2cB20FFJT6yw4mFgPmbC4WUq0tZbKmHiN5PYY3cQgUVJ6VsMePPvvUtQRTrBP3U2pUqMtTanlQqYZcQVfIRr6oPWYbVcbV5rTrmWIMYTPp2tbFSGjZa4AJKmdioTWZbfXb3kXbZb91qZaqPUrHTbJ2VtFXorQxRUrNYr7t3TTBxm24WPee1o2ZamoE1qtubVD6XWVqQOQeJQEiFTF1eaa&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872bfda986f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 227

GET
H3 200 p.media
s.tribalfusion.com/ Frame 82C2 213 B
430 B 90ms
90ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a5mW8ZaVWJ80bnbXrQe0a6qPbMCWFv1WHnWmrFtPUfN1Tvr4TZba5a3YnqnLYFU6WWrRmPvBncfuoWnB5EUg3Wyq46JKnFnE0VU0XVF11VvxpTf22UQRVbZbZcWm75REr5SVrMQWZbNYtBoT6Mu4cv2YbZbKUAXq46ngQAFK2HZbrXWYAnW2O36rQ4G36TcMjVVf8SAMxWWvWTFr53bPtUqjvTTJlQbbZcQVPdr7FrrDqZaUQymwQMaYGfHOnJSwo3avCyfwpUy0omNwg&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872c3dd486f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 227

GET
H3 200 p.media
s.tribalfusion.com/ Frame 0862 324 B
513 B 87ms
86ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a6mWgZb3sr9VcQbWcFlSAJxWdMPUbjY2rauWqvrVTUlSEMZaRVJCQrEoSdjlWcbV2UenmtaOXT6n2tMHSGjH4PFZbpHemTdBh0rUkXbYk1qqtPbYBUrrYVdrWmFQmRUbm1qMy5qZbl2aYXoTbD1bj6TtMQnm3Zdns3updQJ3TZbh5teN5mvLpr3LXG3UYGnV1sjnmEBW5bvVWrvBWAj1REbQScZbMQGnNYtu3pqXOxoTr0SXZbmUbRvUfDyb2kwREQ47PCVCZaJ52hHZbT&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872c4dda86f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 226

GET
H3 200 p.media
s.tribalfusion.com/ Frame 801E 201 B
425 B 107ms
107ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a7mWgZb0GnS1c35XVfypErW5UrPTUFAWPYTPEn3QcQMSdfy0t7uW6Yu3VZbVXbZbKV6am4A3ePArI2HUtXWYLnHPu4AnU5GQgVsrjVVMlSAFuWdvTUrn22b6uWEjoTTY7SavFSsJJRrApPHvdUG3V5r6onWAnXETn3H3ZdQVrG2mQHoWXnVW7cYFQ71Fj91T6MSrnEWbMYWHBXmr3qRUrN1EFy5bnl2a6tUAAENnAJWAXsQTuZcURrQ4CIjxBEZdYB7yubfM1bfDaH&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872c4ddf86f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 5578

GET
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8B78 136 KB
46 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: direct.ad.cpe.dotomi.com
URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.7706735225649453&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47356
x-xss-protection: 0
server: cafe
etag: 10824942227672557934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 08:22:23 GMT

GET
H3 200 p.media
s.tribalfusion.com/ Frame E125 271 B
471 B 108ms
108ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mW8Za0bnd1UBi1EanPUQEWUYYWHY0mr3rRUbtXEUt3T3h4EQXoTZbHYF7gWt7Xm67DnVvomHML5TUh3tmq5mjFnbQIYGrT1cZbYXGFnmqB43FFSWbvHUmU1REnRPcBnSdYr0tfmWmUO4sQ10brDTPqn2Pr8R6bB4Hrs1dBJmWey5PM14VUgTsJdUcb8R6FOWd3WTF7R3berUqQmTTn7QqZbKSGjAQFewSt7iUVb52Fy4mWqOOQQyM8EGtGqWosYZdoqEHEuRRk6&mediaDataID=11409366&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872c5de886f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 1110

GET
H3 200 p.media
s.tribalfusion.com/ Frame 7F96 279 B
487 B 92ms
92ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=acmX1pUcbhPP3wTH3RWbfY5bTnVE3nWTnlQTUJSVZbCRbEmSHviVVYT5biumWqs0a6v2trZdQcMZc46QZdmdAtTt37YFYiXFJ9XqIMSUJATFBYTtrXoFFoRbJNYqFt3TFg2TYRmqbD1rj9WHbSoPQIms7ppt3H3qn92WIN5PvZaprMEXsfW1cZb21sronqZb42bQ2WUJHUm34Qqj4QcBoStUrYtvuVQBu4sAmMBmZdpqv02V29taB7nDAWy8XbT8aYpb6MvpaEPPXlmDjYAblowi&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872c6df386f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 581

GET
H3 200 p.media
s.tribalfusion.com/ Frame 6D1E 242 B
440 B 96ms
93ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=admV8EXG7upT7U3U35TrFHUA32PaUSPcrMQtBv1tbuTmYw3sYUYUnIUP6v46Zb7RmrA2H3O0tJCntEw36YR5V76UGvlVsB8PAvoTWFPTbM05bZanVabpWqrlQaBZcQVBZaRFAvRdvdUV3U2FumotZasYEew3WQBQsJZc5PnHotXsVWJhXUf91Ube1qArPrMZbTbUSWdn4oFjnQbMnYEJp3TUa2a7RmbYD1rTZamSATWEy7pBP4UCXkuUP1uByF1fh7iZb&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872c7df986f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 337

GET
H3 200 p.media
s.tribalfusion.com/ Frame 976A 309 B
507 B 111ms
82ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aemXLtXaiqPbQEWFQ5VdM4or3nQrJqXqMy5TBe4aMRoEBBXrZbfTHBSn6bCnV7pmW7D3T373Wuy5P7ZcprMZdXcbPXGrT1VBnpEF42bFQWUnEUA32PqY4QGnMQHUNYtfsTP3p2VY40UrJVmqn2Ar7QPMD3dvn0dMCmHao5mBS3srgTVJ6UcnfRPZbyTHn3TFfP2ranUEQpWaB6QTZbKQVQCRruvRsFdUVawxQ3tW9750pUYwoIZbsSTDube83DJ4nR2a2RuKNPXBOrfbmmibYc3es0ZdH7r&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872cce4286f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 71

GET
H3 200 p.media
s.tribalfusion.com/ Frame 6745 302 B
500 B 102ms
80ms Document
text/html 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=afmUCkPP3xWd3WUUJ12banUqYxWaBaQEvFSVFZcPravPW3bVVM55F2mnHuyXEew4tjFQVbZa4PBFotAqVWJ6XFbaXrf71qAMPrrZbTbB4WdJ3orjmQUbpXqvy5aUl2an2oaFIYUZb8WHFRoAnKpVYpptfA2qvl3HZay46BGnbbZc0Gn0YVF1XGZbonaJQ2rn2WrbZcVPY3RqY1PVFoQtYwYtvuT6bp2Hb40UZacnaQsvTXIRdyDMDBEWWwNXB&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: translation2.paralink.com
URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d16872cce4486f8-ORD
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 03 Jun 2023 08:22:23 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 119

GET
H3 200 show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 7E2B 351 KB
118 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120656
x-xss-protection: 0
server: cafe
etag: 15018248432825449790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 08:22:23 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame C046 10 KB
5 KB 46ms
43ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 49513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 18:37:10 GMT
etag: 15057649708203361565
expires: Fri, 16 Jun 2023 18:37:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

i.match
a.tribalfusion.com/ Frame 9220
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=87828728312791226411281760687402573006

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 8580
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621000...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621000...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662100083556765&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...

0
0

GET
H3

200

i.match
a.tribalfusion.com/ Frame 2E75
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662100083556765&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

43 B
612 B

84ms
83ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a2mVwBmdArVWJ7XF3iXrQgXaasSUMBWbvSVt31mrZbxRFJtXE3y4Tfl5EjQmaMB1b39UWjXm67DnVvomHnC3aBh2WAp3PnGpbYEYsfWXsF2XGjvnqjT3rv2VrnFUAn0Rq3QQGUsStjOYt7pTm3w3GB2YbvZbTAPu5mrePmMA4WUO0dBZbpdIN5mQU5sYgUV3jVsFhP6vuTWZbRUrn55b2uUqjvVbjaSTA6sCiZctnjYPAqLsD2lwPeAXdrHZds&mediaDataID=2713736&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d1687334abf86f8-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
date: Sat, 03 Jun 2023 08:22:24 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET

i.match
a.tribalfusion.com/ Frame 55DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662100083556765&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662100083556765&C=1
https://a.tribalfusion.com/i.match?p=b20&u=ZHr4QEd.XBiuizjQicI-pAAA

0
0

GET

i.match
a.tribalfusion.com/ Frame 2E4E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=d8b6f461-b5b6-453f-80ed-88877445ccf8

0
0

GET

i.match
a.tribalfusion.com/ Frame 82C2
Redirect Chain

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100083556765&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100083556765&_origin=1&redir=true&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=y-zmenlEtE2ugq9f5S8TNtrHWMB.IqMk4-~A

0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0862
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662100083556765&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100083556765&expires=180

42 B
764 B

1122ms
883ms

Image
image/gif

69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100083556765&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=a6mWgZb3sr9VcQbWcFlSAJxWdMPUbjY2rauWqvrVTUlSEMZaRVJCQrEoSdjlWcbV2UenmtaOXT6n2tMHSGjH4PFZbpHemTdBh0rUkXbYk1qqtPbYBUrrYVdrWmFQmRUbm1qMy5qZbl2aYXoTbD1bj6TtMQnm3Zdns3updQJ3TZbh5teN5mvLpr3LXG3UYGnV1sjnmEBW5bvVWrvBWAj1REbQScZbMQGnNYtu3pqXOxoTr0SXZbmUbRvUfDyb2kwREQ47PCVCZaJ52hHZbT&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:24 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 202
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100083556765&expires=180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d168731db2d111e-ORD
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 8B78 351 KB
118 KB 92ms
91ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120647
x-xss-protection: 0
server: cafe
etag: 3783955926220923692
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 08:22:24 GMT

GET

i.match
a.tribalfusion.com/ Frame 801E
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662100083556765
https://a.tribalfusion.com/i.match?p=b23&u=213180604536004219434

0
0

GET

i.match
a.tribalfusion.com/ Frame 7F96
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100083556765&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=c4d38873-01e7-11e...
https://a.tribalfusion.com/i.match?p=b19&u=c4d3881d-01e7-11ee-931a-1aefacef0403

0
0

GET

i.match
a.tribalfusion.com/ Frame E125
Redirect Chain

https://thrtle.com/insync?vxii_pid=10078&vxii_pdid=18072662100083556765&vxii_r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db31%26u%3D%24%7Btid%7D
https://thrtle.com/insync?vxii_pdid=18072662100083556765&vxii_pid=12&vxii_pid1=10078&vxii_r1=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db31%26u%3D%24%7Btid%7D&vxii_rcid=5a396d38-e992-429a-aaa...
https://a.tribalfusion.com/i.match?p=b31&u=5a396d38-e992-429a-aaa7-9bda8c4f3adc

0
0

GET
H3

200

i.match
a.tribalfusion.com/ Frame 6D1E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662100083556765
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEONSkOOXlkvhAr34MsA00Ho&google_cver=1&google_ula=2786954,0

43 B
607 B

83ms
82ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEONSkOOXlkvhAr34MsA00Ho&google_cver=1&google_ula=2786954,0
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=admV8EXG7upT7U3U35TrFHUA32PaUSPcrMQtBv1tbuTmYw3sYUYUnIUP6v46Zb7RmrA2H3O0tJCntEw36YR5V76UGvlVsB8PAvoTWFPTbM05bZanVabpWqrlQaBZcQVBZaRFAvRdvdUV3U2FumotZasYEew3WQBQsJZc5PnHotXsVWJhXUf91Ube1qArPrMZbTbUSWdn4oFjnQbMnYEJp3TUa2a7RmbYD1rTZamSATWEy7pBP4UCXkuUP1uByF1fh7iZb&mediaDataID=4056396&mediaName=frame.html
Protocol: H3
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d1687334ab886f8-ORD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEONSkOOXlkvhAr34MsA00Ho&google_cver=1&google_ula=2786954,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6745
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662100083556765&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100083556765

0
338 B

1124ms
873ms

Image
text/plain

3.85.179.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100083556765
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=afmUCkPP3xWd3WUUJ12banUqYxWaBaQEvFSVFZcPravPW3bVVM55F2mnHuyXEew4tjFQVbZa4PBFotAqVWJ6XFbaXrf71qAMPrrZbTbB4WdJ3orjmQUbpXqvy5aUl2an2oaFIYUZb8WHFRoAnKpVYpptfA2qvl3HZay46BGnbbZc0Gn0YVF1XGZbonaJQ2rn2WrbZcVPY3RqY1PVFoQtYwYtvuT6bp2Hb40UZacnaQsvTXIRdyDMDBEWWwNXB&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 3.85.179.105 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by: beacon-n026-ash-prod.krxd.net
date: Sat, 03 Jun 2023 08:22:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1685780545
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 03 Jun 2023 08:22:24 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 974
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100083556765
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d1687322b67111e-ORD
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 976A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662100083556765&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100083556765

0
0

GET
H2 200 integrator.js
adservice.google.com/adsid/ Frame 7E2B 107 B
165 B 60ms
59ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=translation2.paralink.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame 8E84 603 B
68 B 86ms
85ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=280&slotname=9768875965&adk=119334486&adf=3965729264&pi=t.ma~as.9768875965&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780543587&bpp=7&bdt=1239&idt=791&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=3351807344251&frm=24&ife=1&pv=2&ga_vid=2139838798.1685780544&ga_sid=1685780544&ga_hid=1861089368&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=483911688&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C44788441%2C21065724&oid=2&pvsid=2848423949487195&tmod=1927934151&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.aprtpp4m1ul9&fsb=1&dtd=875

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translation2.paralink.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 08:22:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js
adservice.google.com/adsid/ Frame 8B78 107 B
122 B 111ms
108ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=translation2.paralink.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translation2.paralink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 08:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 3CB1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cookie.sync.ad.cpe.dotomi.com
URL: https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=25418&cb=0.7943935033085854

Domain: cookie.sync.ad.cpe.dotomi.com
URL: https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=25418&cb=0.3350005067243358

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b13&u=87828728312791226411281760687402573006

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662100083556765&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b20&u=ZHr4QEd.XBiuizjQicI-pAAA

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=d8b6f461-b5b6-453f-80ed-88877445ccf8

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b17&u=y-zmenlEtE2ugq9f5S8TNtrHWMB.IqMk4-~A

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b23&u=213180604536004219434

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b19&u=c4d3881d-01e7-11ee-931a-1aefacef0403

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b31&u=5a396d38-e992-429a-aaa7-9bda8c4f3adc

Domain: public-prod-dspcookiematching.dmxleo.com
URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100083556765

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=250&slotname=9692205016&adk=2440500830&adf=3965729262&pi=t.ma~as.9692205016&w=300&format=300x250&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780544302&bpp=10&bdt=1950&idt=246&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=2923761793953&frm=24&ife=1&pv=2&ga_vid=712592041.1685780545&ga_sid=1685780545&ga_hid=134272012&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3123616527&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31071756%2C31074199%2C44788441%2C44793498&oid=2&pvsid=4392376526608583&tmod=1408234999&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.goulys38htqt&fsb=1&dtd=314

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=60&slotname=9482378846&adk=2700236837&adf=111965227&pi=t.ma~as.9482378846&w=468&lmt=1685780541&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780540061&bpp=91&bdt=664&idt=988&shv=r20230531&mjsv=m202305310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3835126996&correlator=2545124872431&frm=20&pv=2&ga_vid=358966422.1685780541&ga_sid=1685780541&ga_hid=2015430318&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=135&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31074990%2C31075004%2C44785294%2C44788441&oid=2&pvsid=1084791093110873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OtqmKiM3m7&p=https%3A//uhgy.v5-amironetwork.site&dtd=1046 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=25418&cb=0.7943935033085854 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=25418&cb=0.3350005067243358 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=280&slotname=9768875965&adk=119334486&adf=3965729264&pi=t.ma~as.9768875965&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=https%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685780543587&bpp=7&bdt=1239&idt=791&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=3351807344251&frm=24&ife=1&pv=2&ga_vid=2139838798.1685780544&ga_sid=1685780544&ga_hid=1861089368&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=483911688&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C44788441%2C21065724&oid=2&pvsid=2848423949487195&tmod=1927934151&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.aprtpp4m1ul9&fsb=1&dtd=875 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4.tribalfusion.com
adservice.google.com
beacon.krxd.net
c.statcounter.com
cm.g.doubleclick.net
cookie.sync.ad.cpe.dotomi.com
direct.ad.cpe.dotomi.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
s.tribalfusion.com
secure.cdn.fastclick.net
simage2.pubmatic.com
tags.bluekai.com
tags.expo9.exponential.com
translation2.paralink.com
uhgy.v5-amironetwork.site
www.google-analytics.com
www.googletagmanager.com
www.statcounter.com
a.tribalfusion.com
cookie.sync.ad.cpe.dotomi.com
googleads.g.doubleclick.net
public-prod-dspcookiematching.dmxleo.com
simage2.pubmatic.com
104.18.12.14
104.20.219.77
142.251.35.162
185.143.234.122
207.38.103.240
23.197.21.62
23.5.231.217
2606:4700::6812:18ad
2606:4700::6812:ddb
2606:ae80:1451:18::1780
2607:f8b0:4006:808::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2002
3.85.179.105
69.173.151.100
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
14ca4f15c5e4303ffc5f603d34a2111202466af56d0eb54f8d27bc17685a9d98
1c8af4f9cc3d75bb08efe7fc924fb295bf9cd053574565bc4ea667dbb60efe94
1db02176e0887dcc0ae98f0a6a6485360b2761b2f6822e14c41e617ab3e91c0f
26676486e16da3a08f2deae4f3838148491e0b9cb206d7bc20c17d05b2135f9d
32236f4e4ebe13869662dbf2486d46a3641243877b406561b5029890ca337f05
3e74e1190bd1d9b49725d39022c8f5b7ae2b23745603a146617c2f297f0b4f5e
4db411de619cc7d9410fef1f170f1ca80d56560fe9ab64820cb386adc462a65b
5901ee5ed7a580563bd323dfb3642d98f416df1b7b7f776c4219ba79fc72a9b4
626b99f729fa948c361495aa5aea71d0e79575f4ca76ca897440592189a80cc9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7550f8b99af7bb456f19ae659dd656fba05043249af4c7bc7b2e95b0877de1b1
78c0a947c28928b20790b41fec49a66111cf4abcbf676469c0ec8c02bd1557c9
7a6f82d6abd21816f9dc7a9f3013a6b043717b8be9df68379d61df3fa79385b1
85333a5c85f48ba8562864ee65c09fc66b27bf84f93ee5e211d4037b5d4cbe49
92f5bbf071461322a478e811a172def984d73be81483f811078604061cf0dbbc
9c34d70a3ec2c6e066c05181789c182adab435fc197a8c5199e9262e8f4b51b1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa4e75cbcc0e6fc23100bcdf12e6f99d0b7f5ee3fd8b0542cf3bd9b7b4c2a288
aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544
ba585fe0ef95be5c7c0f9f7f8546f4aaae809c775bd092f2318a52549fe7106b
bee43429a2bfeecd51d6e8cd109936eb2131580c631fa7110d71b9e2fec24a09
c52d2bf0d1cafbfa2bebe2ce95926c9df75068010f5e677d6376b71bbe090388
cb524103f938b9db7f4d6ccf41250cd22458f1dfb83701231f018c9f20fea5be
cb82756945488e584e6b5491e0496f2e89b883be641659ce2810e776de55db84
dd105974ecac0027e187ae1ca2cc3aa4d0ec1d688fb0b2ac26794b46822678f9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f49a95f1bd2919438a04dd4bb7257f5467acf0bbe6ec109701a4683be4d68e28
f62edd4d137ec20dfecec1bc8b0baade5c633956bd1cff9db4f4614e7085f425

uhgy.v5-amironetwork.site Open in urlscan Pro 185.143.234.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

73 Requests

78 %HTTPS

50 %IPv6

18 Domains

23 Subdomains

17 IPs

3 Countries

725 kBTransfer

2014 kBSize

Cookies

0 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uhgy.v5-amironetwork.site Open in urlscan Pro
185.143.234.122 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

78 %
HTTPS

50 %
IPv6

18
Domains

23
Subdomains

17
IPs

3
Countries

725 kB
Transfer

2014 kB
Size

73 HTTP transactions
0 data transactions