adsrt.org Open in urlscan Pro
2606:4700:3035::681f:5d90  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://adshort.co/zPMIAYdY HTTP 301
   http://adsrt.org/zPMIAYdY HTTP 301
   https://adsrt.org/zPMIAYdY Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
• https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 42

• https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
• https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/2/8/2.gif?puid=1829295626267993156&gdpr=1&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/10/7/3.gif?puid=4233768919987742&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/19/6/4.gif?puid=5eee5a740281b1d312077b59de159669&gdpr=1&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/101/5/5.gif?puid=6264fd6c-2bf9-4e75-8460-b4b2cc11f667&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/108/4/6.gif?puid=c8a8f191-691b-11ea-bad1-82c39211681c&gdpr=1&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/112/3/7.gif?puid=F04471DBD2D08555&gdpr=1&gdpr_consent= HTTP 302
• https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D

Request Chain 62

• https://www.google-analytics.com/r/collect?v=1&_v=j81&a=948025261&t=pageview&_s=1&dl=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1413093053&gjid=2051067535&cid=1097856079.1584537852&tid=UA-40605702-4&_gid=1663989233.1584537852&_r=1&gtm=2ou3b2&z=323843611 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1097856079.1584537852&jid=1413093053&_gid=1663989233.1584537852&gjid=2051067535&_v=j81&z=323843611

Request Chain 94

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f7740640ca6db%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22b9c72306-ba48-4336-a2c2-e0da87270610%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%223c45050f0bce68%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%228f864b25-b6b4-4651-b787-add70df47774%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22412500442e896a%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22b81dad04-0f55-4db8-8594-9dc0bd0fa761%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22598386a9c70aa5%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22369c02b0-68bb-4047-a4ec-3c68cdae813c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22668178bc4ff401%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%2222a31e96-61ab-4f24-9a69-69e57feb8788%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f7740640ca6db%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22b9c72306-ba48-4336-a2c2-e0da87270610%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%223c45050f0bce68%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%228f864b25-b6b4-4651-b787-add70df47774%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22412500442e896a%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22b81dad04-0f55-4db8-8594-9dc0bd0fa761%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22598386a9c70aa5%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22369c02b0-68bb-4047-a4ec-3c68cdae813c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22668178bc4ff401%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%2222a31e96-61ab-4f24-9a69-69e57feb8788%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 95

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df7e885ea2221%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%222e130136-b2eb-423c-a1ef-a6c7b24e3b78%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2289a01be5ad1cc8%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%227fc84901-6aea-4122-9ac7-f644ddd006d3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%229e55af3404bcfb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%225eabdb58-eec0-4d22-a513-5f0d93213b39%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22100dbc8ee5cff8d%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22758fffb7-6a16-429a-bd39-77c8e91d43a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22118af6f6c421fe2%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%22d55f1bf5-33b5-4135-b219-823fe9e92718%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df7e885ea2221%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%222e130136-b2eb-423c-a1ef-a6c7b24e3b78%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2289a01be5ad1cc8%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%227fc84901-6aea-4122-9ac7-f644ddd006d3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%229e55af3404bcfb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%225eabdb58-eec0-4d22-a513-5f0d93213b39%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22100dbc8ee5cff8d%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22758fffb7-6a16-429a-bd39-77c8e91d43a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22118af6f6c421fe2%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%22d55f1bf5-33b5-4135-b219-823fe9e92718%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Request Chain 119

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584537863283&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537863283&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9=

Request Chain 131

• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fsj3FB9eQNaTaD-LosX-ig&google_cm&publisher_dsp_id=340 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fsj3FB9eQNaTaD-LosX-ig&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
• https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDMsNCxiyVDOMRCyBGXG55E&google_cver=1

Request Chain 132

• https://id5-sync.com/match?publisher_user_id=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://id5-sync.com/c/124/124/1/1.gif?puid=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://id5-sync.com/c/124/101/0/2.gif?puid=8add7005-e037-4480-a49e-9be037b1884c&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOrlR6w3rWitlBNc203ijRWqw32h-KhF5XAprNTg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOrlR6w3rWitlBNc203ijRWqw32h-KhF5XAprNTg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA

Request Chain 133

• https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399

Request Chain 134

• https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&google_tc= HTTP 302
• https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&external_user_id=CAESED648Rr8QlrSUHoKG-lgN_Y&google_cver=1

Request Chain 135

• https://id5-sync.com/match?publisher_user_id=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://id5-sync.com/c/124/124/1/1.gif?puid=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://id5-sync.com/c/124/101/0/2.gif?puid=8add7005-e037-4480-a49e-9be037b1884c&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOs6VUzz94gCRT_Gb7muXlKiu957VrZcRFUFqA_g&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA

Request Chain 136

• https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ice.360yield.com/match?external_user_id=6327413992027789450&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA HTTP 302
• https://ice.360yield.com/ul_cb/match?external_user_id=6327413992027789450&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vA6pyQkRSeCC1fxf5GFRyA&google_cm&publisher_dsp_id=340 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vA6pyQkRSeCC1fxf5GFRyA&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
• https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEMHZ6vHLj81uSrgPltYRank&google_cver=1

Request Chain 138

• https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399

Request Chain 140

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2271496808aa38db1%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%2205908f71-a531-4acc-915f-d1f270ad6840%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2271496808aa38db1%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%2205908f71-a531-4acc-915f-d1f270ad6840%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 151

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584537869733&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537869733&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9=

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request zPMIAYdY Show response adsrt.org/ Redirect Chain http://adshort.co/zPMIAYdY http://adsrt.org/zPMIAYdY https://adsrt.org/zPMIAYdY	24 KB 7 KB	513ms 484ms	Document text/html	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2255efa285fb227b91920e8384a399bdb690e7e0a7488c462e2e0a519e37632 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority adsrt.org :scheme https :path /zPMIAYdY pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:11 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d38ca4f7bf277df4d98e21113e82745181584537850; expires=Fri, 17-Apr-20 13:24:10 GMT; path=/; domain=.adsrt.org; HttpOnly; SameSite=Lax; Secure AppSession=5d40105cadf50a341421e86fff4fbd7b; path=/; HttpOnly csrfToken=605e3969c3aa0f1671416637f51aecbbaa4ce727bff5f2777b379d54a423e6c76b521988cafcc6aa1e63ecf963f26957cc5d95e11a898be5bbae4282ff7fcf5e; path=/; HttpOnly expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-frame-options SAMEORIGIN x-robots-tag noindex, nofollow cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 575f45be38296467-FRA content-encoding br Redirect headers Date Wed, 18 Mar 2020 13:24:10 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Wed, 18 Mar 2020 14:24:10 GMT Location https://adsrt.org/zPMIAYdY Vary Accept-Encoding Server cloudflare CF-RAY 575f45bdfdf9d715-FRA
GET H2	200	css fonts.googleapis.com/	425 B 417 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Questrial Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6c3040da0c417bf4812b0a302b6c8ba55fa040cb5827eacf00d31a2cff4a108f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 18 Mar 2020 13:24:11 GMT server ESF date Wed, 18 Mar 2020 13:24:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 18 Mar 2020 13:24:11 GMT
GET H2	200	bootstrap.css static.adshort.co/link/css/	107 KB 18 KB	297ms 91ms	Stylesheet text/css	51.91.74.54 OVH
General Check archive.org Show headers Download Go to Full URL https://static.adshort.co/link/css/bootstrap.css Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.91.74.54 , France, ASN16276 (OVH, FR), Reverse DNS ns3166260.ip-51-91-74.eu Software nginx / Resource Hash 92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip tp-cache HIT last-modified Mon, 24 Feb 2020 16:45:13 GMT server nginx age 75 vary , Accept-Encoding content-type text/css status 200 x-device desktop tp-l2-cache MISS accept-ranges bytes content-length 18113
GET H2	200	link.css static.adshort.co/link/css/	5 KB 2 KB	320ms 114ms	Stylesheet text/css	51.91.74.54 OVH
General Check archive.org Show headers Download Go to Full URL https://static.adshort.co/link/css/link.css Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.91.74.54 , France, ASN16276 (OVH, FR), Reverse DNS ns3166260.ip-51-91-74.eu Software nginx / Resource Hash 9ef2e6b76c28447ceba52be082a4e1bebe5e6866d91c8b6fd74fa2ad4b932d6f Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip tp-cache HIT last-modified Mon, 24 Feb 2020 16:45:13 GMT server nginx age 75 vary , Accept-Encoding content-type text/css status 200 x-device desktop tp-l2-cache MISS accept-ranges bytes content-length 1538
GET H2	200	logo.png static.adshort.co/	10 KB 11 KB	323ms 117ms	Image image/png	51.91.74.54 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://static.adshort.co/logo.png Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.91.74.54 , France, ASN16276 (OVH, FR), Reverse DNS ns3166260.ip-51-91-74.eu Software nginx / Resource Hash 4edeb7cd021290261f7f7dc72cd26cd53ece78918bd11a23b4af3484f3a6abfa Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 18 Mar 2020 13:24:11 GMT tp-cache HIT last-modified Mon, 24 Feb 2020 16:53:20 GMT server nginx age 2732 content-type image/png status 200 content-length 10737 tp-l2-cache HIT accept-ranges bytes x-device desktop
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	7 KB 3 KB	44ms 13ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=2 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 2602 expires Thu, 19 Mar 2020 13:24:00 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	72 KB 10 KB	49ms 18ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 7806fa70c79be1ce4d1aad4f852348cda3392b9a9009168458a574182366caf7 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Thu, 19 Mar 2020 13:24:11 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	42 KB 14 KB	87ms 38ms	Script text/javascript	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software sffe / Resource Hash f4fc9527aaeaa75017085c8a5c05e31011fc047afc155c85161c2b871a063bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "459 / 223 of 1000 / last-modified: 1584453129" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 14364 x-xss-protection 0 expires Wed, 18 Mar 2020 13:24:11 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	75 KB 28 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:817::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-40605702-4 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 78bf92e754b0cb1bc97580df900bea186668abc3e6cf3ef202756cfdae0a0b7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 28649 x-xss-protection 0 last-modified Wed, 18 Mar 2020 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 18 Mar 2020 13:24:11 GMT
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	7 KB 3 KB	27ms 26ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=6 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 2602 expires Thu, 19 Mar 2020 13:23:43 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	70 KB 10 KB	65ms 63ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=6 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash ab6ed9789a07fdf0db6133d412d9c5e5ef00e106e3a12775f4b772da75b96a39 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Thu, 19 Mar 2020 13:24:11 GMT
GET H2	200	ads.js Show response adsrt.org/js/	191 B 169 B	18ms 16ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/js/ads.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 4787 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae06467-FRA
GET H2	200	jquery.min.js Show response adsrt.org/vendor/	84 KB 29 KB	19ms 17ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/jquery.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 4645 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae16467-FRA
GET H2	200	bootstrap.min.js Show response adsrt.org/vendor/bootstrap/js/	39 KB 10 KB	24ms 23ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 3470 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae36467-FRA
GET H2	200	owl.carousel.min.js Show response adsrt.org/vendor/owl/	43 KB 11 KB	15ms 14ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/owl/owl.carousel.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 2119 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae56467-FRA
GET H2	200	wow.min.js Show response adsrt.org/vendor/	8 KB 3 KB	14ms 13ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/wow.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 4645 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae66467-FRA
GET H2	200	clipboard.min.js Show response adsrt.org/vendor/	11 KB 3 KB	15ms 13ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/vendor/clipboard.min.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 3428 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae76467-FRA
GET H2	200	front.js Show response adsrt.org/costo_theme/js/	4 KB 1 KB	20ms 18ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/costo_theme/js/front.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02527ae379ddcc3151dfdc7967b127675308ce92f5e1242db4d8bfaf8ec93297 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Tue, 19 Nov 2019 14:20:37 GMT server cloudflare age 3428 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=86400 cf-ray 575f45c1fae86467-FRA expires Mon, 17 Feb 2020 11:16:38 GMT
GET H2	200	app.js Show response adsrt.org/js/	29 KB 5 KB	17ms 16ms	Script application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/js/app.js?ver=6.4.0 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare age 5602 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c1fae96467-FRA
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	742 B 858 B	62ms 20ms	Script text/javascript	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0d45ad678f6abe1c53cd2d1a005b447b5e84fa457c7faf6e072780da5fedc0cc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 468 x-xss-protection 1; mode=block expires Wed, 18 Mar 2020 13:24:11 GMT
GET H/1.1	200 OK	tag.min.js Show response sendmepush.com/pfe/current/	37 KB 12 KB	369ms 288ms	Script application/javascript	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/pfe/current/tag.min.js?z=2982850 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash 8e853394d6b00790494923876471729695231f89a825d41205ef3a5fa0b10fad Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:11 GMT Content-Encoding gzip Last-Modified Wed, 18 Mar 2020 09:14:39 GMT Server nginx ETag W/"5e71e67f-93b7" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	/ Show response g.themoneytizer.net/g/	26 B 200 B	113ms 26ms	Script text/html	145.239.193.145 OVH
General Check archive.org Show headers Download Go to Full URL https://g.themoneytizer.net/g/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.145 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:11 GMT Server nginx X-IPLB-Instance 29820 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	moneyvisibility.js Show response ads.themoneytizer.com/	12 KB 4 KB	15ms 14ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneyvisibility.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip last-modified Wed, 08 Jan 2020 19:01:35 GMT server nginx etag "779a-30ad-59ba5857e2265" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 3955 expires Thu, 19 Mar 2020 13:23:46 GMT
GET H2	200	moneybile.js Show response ads.themoneytizer.com/	37 KB 16 KB	19ms 18ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybile.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip last-modified Wed, 27 Feb 2019 16:57:00 GMT server nginx etag "7ff1-9390-582e30fefbc74" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 15733 expires Thu, 19 Mar 2020 13:24:08 GMT
GET H2	200	getjs.static.js Show response tag.contextweb.com/	32 KB 11 KB	60ms 23ms	Script application/x-javascript	74.214.194.131 PULSEPOINT-EU
General Check archive.org Show headers Download Go to Full URL https://tag.contextweb.com/getjs.static.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL), Reverse DNS Software envoy / Resource Hash bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip server envoy etag d13c8ae45565efb782b52cb7f6a3b3828e3d77a7 p3p policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" status 200 cache-control max-age=432000, public x-envoy-upstream-service-time 4 content-type application/x-javascript content-length 11296
GET H/1.1	200 OK	px.js Show response p.cpx.to/p/11528/	1 KB 2 KB	442ms 121ms	Script application/javascript	99.84.102.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/11528/px.js?r=11ddd Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.102.124 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-102-124.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:12 GMT Content-Encoding UTF-8 Last-Modified Wed, 10 Oct 2018 10:49:46 GMT Server AmazonS3 X-Amz-Cf-Pop IAD79-C2 ETag "f30057c89bf67afeaf18ceba624fa4b7" X-Cache Miss from cloudfront Content-Type application/javascript Via 1.1 17d601c1a37e4e7f1ee73eac5ce62cf4.cloudfront.net (CloudFront) Cache-Control max-age=2419200 Connection keep-alive Accept-Ranges bytes Content-Length 1498 X-Amz-Cf-Id vxIImYigokQkg87EpH9XBxiLcnj0I6M2iZcqnx5eOi2obdeakIVW7w==
GET H2	200	smart.js Show response ced-ns.sascdn.com/diff/js/ Redirect Chain https://ww1097.smartadserver.com/config.js?nwid=1097 https://ced-ns.sascdn.com/diff/js/smart.js	24 KB 8 KB	55ms 13ms	Script application/x-javascript	68.232.35.16 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ced-ns.sascdn.com/diff/js/smart.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.232.35.16 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6BC2) / Resource Hash 0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip last-modified Mon, 27 Jan 2020 10:13:07 GMT server ECS (amb/6BC2) age 11404 x-n S etag "0f11d3e54b5ff26b5828eaa172f1ef2a:1580119987" vary Accept-Encoding x-cache HIT content-type application/x-javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 8149 Redirect headers Location https://ced-ns.sascdn.com/diff/js/smart.js Date Wed, 18 Mar 2020 13:24:11 GMT Cache-Control private Content-Length 159 Content-Type text/html; charset=utf-8
GET H2	200	sync Show response gum.criteo.com/	49 B 371 B	293ms 13ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=31536000 content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/javascript; charset=utf-8 status 200 cache-control private, max-age=3600 date Wed, 18 Mar 2020 13:24:10 GMT content-length 165 expires 60
GET H/1.1	200 OK	libJsLP.js Show response tag.leadplace.fr/	3 KB 3 KB	79ms 21ms	Script application/javascript	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/libJsLP.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.14.2 / Resource Hash 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:11 GMT Last-Modified Tue, 27 Nov 2018 14:13:54 GMT Server nginx/1.14.2 ETag "5bfd5122-a72" X-IPLB-Instance 30196 Content-Type application/javascript Accept-Ranges bytes Content-Length 2674
GET H2	200	/ onetag-sys.com/usync/ Frame DCB8	0 0	71ms 24ms	Document text/html	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1584537851413 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.252 , Germany, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2a897e3f18e6769&cb=1584537851413 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H2	200	/ spl.zeotap.com/ Frame C193	0 0	57ms 35ms	Document text/html	2606:4700:10::6814:8238 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:8238 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority spl.zeotap.com :scheme https :path /?env=mWeb&uc=2&zdid=1258&eventType=map pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 date Wed, 18 Mar 2020 13:24:11 GMT content-type text/html set-cookie __cfduid=d85f76f461539c760874526fa0bdbaace1584537851; expires=Fri, 17-Apr-20 13:24:11 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=29cc2044-b790-48cf-6556-7a1f4775e53b; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=29cc2044-b790-48cf-6556-7a1f4775e53b; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%E86%EF.se%19%AD5%04%97m%D6%C16IL%0E%B8%05%F3l%808%C3%7Cl%03%F8%09%DF%0Dk6%82%F4uy%A5%81%5B%B6%2C%04WB%9A1%AFja%12%A8%C2%D4%D0%1B%F1%C9%3EI%23.r%0C%19%1E3%F0%ED%C6%F0%A1%89%3CJ%E8%1D%07%85%A3%C5_e%EB%81%F2%EF%29; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure access-control-allow-headers * access-control-allow-origin * via 1.1 google cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 575f45c37c65bec4-FRA content-encoding br
GET H/1.1	200 OK	quant.js Show response secure.quantserve.com/	13 KB 6 KB	90ms 22ms	Script application/x-javascript	91.228.74.224 QUANTCAST
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.224 , United Kingdom, ASN27281 (QUANTCAST, US), Reverse DNS Software QS / Resource Hash e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:11 GMT Content-Encoding gzip Last-Modified Wed, 18-Mar-2020 13:24:11 GMT Server QS Etag M0-56c8c653 Vary Accept-Encoding Strict-Transport-Security max-age=86400 Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Connection keep-alive Content-Length 5651 Expires Wed, 25 Mar 2020 13:24:11 GMT
GET H/1.1	200 OK	notifyme.js Show response d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/	25 KB 26 KB	102ms 22ms	Script text/javascript	13.225.87.190 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.190 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-190.fra2.r.cloudfront.net Software Apache / Resource Hash b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 07:38:27 GMT Via 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront) Last-Modified Mon, 18 Feb 2019 16:54:28 GMT Server Apache Age 20753 X-Cache Hit from cloudfront Content-Type text/javascript X-Amz-Cf-Pop FRA2-C2 Connection keep-alive Accept-Ranges bytes Content-Length 25704 X-Amz-Cf-Id GSuUInRJGBEa5UczNsicTlRPs9jczcqODfrbmQtyyTZKXlX4NzFg6A==
GET H/1.1	200 OK	186329-261067657875242.js Show response js-sec.indexww.com/ht/p/	0 454 B	365ms 324ms	Script text/javascript	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/186329-261067657875242.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:11 GMT Content-Encoding gzip Last-Modified Wed, 18 Mar 2020 13:21:28 GMT Server Apache ETag "da226e-0-5a120ee0ac5f2" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Type text/javascript Content-Length 20 Expires Wed, 18 Mar 2020 14:24:11 GMT
GET H2	200	prebid.js Show response ads.themoneytizer.com/moneybid2_445_2/build/dist/	407 KB 130 KB	22ms 21ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 5c0e9940676227b089871a760a8bcdd5632b8d0057e710c8862240a753fa2d26 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip last-modified Fri, 06 Mar 2020 16:16:02 GMT server nginx etag "45703-65b8f-5a031f84724e8" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 132652 expires Thu, 19 Mar 2020 13:23:56 GMT
GET H2	200	QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2 fonts.gstatic.com/s/questrial/v9/	13 KB 13 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/questrial/v9/QdVUSTchPBm7nuUeVf70viFluW44JQ.woff2 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 495347eafc1881654163fd276f18415487f16cb282b9695dc03a8b99a4de21b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Questrial Origin https://adsrt.org Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 09 Mar 2020 10:39:27 GMT content-encoding gzip x-content-type-options nosniff age 787484 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 12870 x-xss-protection 0 last-modified Tue, 16 Jul 2019 23:53:30 GMT server sffe vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 09 Mar 2021 10:39:27 GMT
GET H2	200	integrator.js Show response adservice.google.nl/adsid/	109 B 171 B	16ms 15ms	Script application/javascript	2a00:1450:4001:820::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.nl/adsid/integrator.js?domain=adsrt.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	14ms 14ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=adsrt.org Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020030501.js Show response securepubads.g.doubleclick.net/gpt/	165 KB 60 KB	32ms 32ms	Script text/javascript	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software sffe / Resource Hash 8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 05 Mar 2020 14:08:10 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 61481 x-xss-protection 0 expires Wed, 18 Mar 2020 13:24:11 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	sticky-embed.js Show response tags.audionews.fm/	7 KB 3 KB	58ms 23ms	Script application/javascript	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/sticky-embed.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c5668e7d6448a1651213bb4a5b5b099cd806bfff85b89226515db47aee14aa6 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:31:54 GMT server cloudflare age 381 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 575f45c3efe1c295-FRA
GET H2	200	cmp.js Show response quantcast.mgr.consensu.org/	225 KB 61 KB	23ms 8ms	Script text/javascript	2600:9000:20eb:f800:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/cmp.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:f800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 826acef37820db4f3e9b999fa220c33e40cdd0b862f9717190a775dddd38d846 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:20:15 GMT content-encoding gzip last-modified Tue, 17 Mar 2020 20:57:22 GMT server AmazonS3 age 875 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-meta-qc-ineu True x-amz-cf-pop FRA2-C1 x-amz-cf-id N3oQrv2YXe2h1DybKXwUAjVf6mKmUqeytPv3mjyIeQakiFFvCF7ONQ== via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
GET		/ loadus.exelator.com/load/ Redirect Chain https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/2/8/2.gif?puid=1829295626267993156&gdpr=1&gdpr_consent= https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/10/7/3.gif?puid=4233768919987742&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://id5-sync.com/c/12/19/6/4.gif?puid=5eee5a740281b1d312077b59de159669&gdpr=1&gdpr_consent= https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/101/5/5.gif?puid=6264fd6c-2bf9-4e75-8460-b4b2cc11f667&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp... https://id5-sync.com/c/12/108/4/6.gif?puid=c8a8f191-691b-11ea-bad1-82c39211681c&gdpr=1&gdpr_consent= https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/112/3/7.gif?puid=F04471DBD2D08555&gdpr=1&gdpr_consent= https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D	0 0
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/qpy2aGtSgsYPZzCoYWjcaBCo/	259 KB 93 KB	21ms 6ms	Script text/javascript	2a00:1450:4001:81a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qpy2aGtSgsYPZzCoYWjcaBCo/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f68b13965aca7240d1fa7aa4526a872138e15acf8dab4af6374309db830416e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 16 Mar 2020 16:27:57 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 16 Mar 2020 04:05:33 GMT server sffe age 161774 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 94711 x-xss-protection 0 expires Tue, 16 Mar 2021 16:27:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:814::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-40605702-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 3039 date Wed, 18 Mar 2020 12:33:32 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Wed, 18 Mar 2020 14:33:32 GMT
GET H2	200	localstore.js Show response script.4dex.io/	450 B 710 B	42ms 23ms	Script application/javascript	2606:4700:e0::ac40:6904 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6904 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Mon, 09 Mar 2020 11:11:59 GMT server cloudflare age 1496 etag W/"bfa52622781c173885812009122c3f7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=1800 cf-ray 575f45c42b78bf0f-FRA x-amz-request-id 0523613C472695FA x-amz-id-2 vuXjt3ItoC/oV4lnH/mCnEcwEdQgqccYER2YAfXC8GMJ1cfwkCVldUrXEZztaTEtVZiMoGdmqpc=
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	421 B 303 B	301ms 301ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851550&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=429&adys=104&adks=618049884&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=71&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x90&msz=1585x90&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 3ea0e9bdbdc93d64a1c1d8fe880ee45362c726b7e4489d8bb5139786d3eb0e12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2020030501.js Show response securepubads.g.doubleclick.net/gpt/	69 KB 25 KB	26ms 26ms	Script text/javascript	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software sffe / Resource Hash ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 05 Mar 2020 14:08:10 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 25689 x-xss-protection 0 expires Wed, 18 Mar 2020 13:24:11 GMT
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	20ms 6ms	Other text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	421 B 633 B	153ms 153ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851561&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2462235622&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=132&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash aae944266f39e53612633eefe352400dd24d3cbb63a32bae89beaaafa446e2fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 303 B	442ms 442ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851565&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=10&adks=3069682158&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=516&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 860412076948d0af279ed12da23971a16e9a449ffc03163223327b674cd860de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	421 B 308 B	553ms 551ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851569&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=448&adys=319&adks=1434986194&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=690x90&msz=690x90&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 41c369f50d0ec918a79aedbd9af5b0b1dc525d4070ff226d4e8cc2ec8a4764e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 231 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	421 B 305 B	634ms 632ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851574&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1234561976&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=132&ohw=1585 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 58105573fa16d06e775fb2f34b39b464191ae0b817d0c17e3d2b1b3f161af737 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 231 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 307 B	752ms 752ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851580&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=628&adys=446&adks=1460428731&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x280&msz=330x280&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 88e8f8f34df05e8b9f987220d29e7566cb6a0c8631a34822340a1bb3b078de22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 230 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 305 B	929ms 929ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_ex0&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851585&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=635&adys=746&adks=2344404816&ucis=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=305x280&msz=305x280&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 5438efc1c3f45338e624535419459371bad22268c40b525e6da45f91f475fb4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 228 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	422 B 309 B	1059ms 1059ms	XHR text/plain	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3477863130476444&correlator=1050674351204296&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065399%2C21065400%2C21065353%2C21065391&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200318&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1584537851&dt=1584537851590&dlt=1584537851084&idt=454&frm=20&biw=1585&bih=1200&oid=3&adxs=638&adys=1081&adks=4201907783&ucis=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&dssz=72&icsg=11727949266880&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=305x250&msz=305x250&ga_vid=1097856079.1584537852&ga_sid=1584537852&ga_hid=948025261&fws=4&ohw=1585&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 21259287ff0898b3b431504a2a3aafdb1fcb53849ec701a2d08aa7570d1f5265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:12 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 232 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://adsrt.org cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rules-p-6Fv0cGNfc_bw8.js Show response rules.quantcount.com/	1 KB 966 B	19ms 7ms	Script application/x-javascript	2600:9000:20eb:1a00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 12:24:29 GMT content-encoding gzip last-modified Mon, 19 Mar 2018 22:28:36 GMT server AmazonS3 age 3586 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA2-C1 x-amz-cf-id QDWPuQkeZ7aVnbc4k1Ql2AQc1VPebapkNRjZ_FWaPxWAW396CRq1vA== via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
GET H2	200	video-js.min.css tags.audionews.fm/dist/	38 KB 9 KB	13ms 13ms	Stylesheet text/css	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/video-js.min.css Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c92903d5602f1c1419e9c647f0db022d425efaaa580d9849e9b6132cb1020f6 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:13 GMT server cloudflare age 3328 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 cf-ray 575f45c48a3ac295-FRA
GET H2	200	videojs.ads.css tags.audionews.fm/dist/	917 B 377 B	21ms 20ms	Stylesheet text/css	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ads.css Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:15 GMT server cloudflare age 380 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 cf-ray 575f45c48a3fc295-FRA
GET H2	200	videojs.ima.css tags.audionews.fm/dist/	4 KB 1 KB	13ms 12ms	Stylesheet text/css	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ima.css Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:11 GMT server cloudflare age 2771 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=31536000 cf-ray 575f45c48a41c295-FRA
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	264 KB 90 KB	58ms 38ms	Script text/javascript	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f34922bc830fe07b84412052407d933809cf522f9ba778b2511fe7575a0e3486 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 91752 x-xss-protection 0 expires Wed, 18 Mar 2020 13:24:11 GMT
GET H2	200	adagio.js Show response script.4dex.io/	60 KB 18 KB	31ms 16ms	Fetch application/javascript	2606:4700:e0::ac40:6904 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6904 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc36a5dabe23d6973e196b1f70629c2e25646d55847c07e889ec2938205add2 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1212 status 200 x-amz-request-id 2736EE26B04F73CC x-amz-id-2 +x/s0nMCjfHcXfIY87Qj9j08cQ0dUimBE/AQleHafXDRJ0rxpj4Pxvo52QUEHcDY3c0ELtxa3cA= last-modified Mon, 09 Mar 2020 11:11:38 GMT server cloudflare etag W/"02788774e36642fcb0bbfe63327d3df7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 cf-ray 575f45c4ad1d96d4-FRA
GET H2	200	collect stats.g.doubleclick.net/r/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j81&a=948025261&t=pageview&_s=1&dl=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1097856079.1584537852&jid=1413093053&_gid=1663989233.1584537852&gjid=2051067535&_v=j81&z=323843611	35 B 136 B	15ms 14ms	Image image/gif	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1097856079.1584537852&jid=1413093053&_gid=1663989233.1584537852&gjid=2051067535&_v=j81&z=323843611 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * date Wed, 18 Mar 2020 13:24:11 GMT content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 18 Mar 2020 13:24:11 GMT last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * location https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-40605702-4&cid=1097856079.1584537852&jid=1413093053&_gid=1663989233.1584537852&gjid=2051067535&_v=j81&z=323843611 content-type text/html; charset=UTF-8 status 302 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 419 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	zone Show response sendmepush.com/	633 B 1 KB	15ms 15ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/zone?pub=0&zone_id=2982850&is_mobile=false&domain=adsrt.org&var=&ymid= Requested by Host: sendmepush.com URL: https://sendmepush.com/pfe/current/tag.min.js?z=2982850 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash 89cdc2c96d2eef59da3d4f974c763522e645c63a77a4cda3e5dfdb849f81048c Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Trace-Id 39340f8bffa2aee9b94d4f54b97a4eec Date Wed, 18 Mar 2020 13:24:11 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 633
GET H/1.1	200 OK	universal.min.js Show response sendmepush.com/pfe/current/	131 KB 40 KB	73ms 28ms	Fetch application/javascript	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/pfe/current/universal.min.js?v=3.1.191 Requested by Host: sendmepush.com URL: https://sendmepush.com/pfe/current/tag.min.js?z=2982850 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash a349a19826eb90ad2277f0da394a00f9f06c1a31db4f727c11f197e19d1a47e8 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:11 GMT Content-Encoding gzip Last-Modified Wed, 18 Mar 2020 09:14:39 GMT Server nginx ETag W/"5e71e67f-20ddd" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://adsrt.org Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	cmp-3pc-check.html static.quantcast.mgr.consensu.org/v31/ Frame 3AEE	0 0	48ms 24ms	Document text/html	2600:9000:21f3:5400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v31/cmp-3pc-check.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:5400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority static.quantcast.mgr.consensu.org :scheme https :path /v31/cmp-3pc-check.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 content-type text/html content-length 645 last-modified Tue, 17 Mar 2020 20:57:17 GMT x-amz-server-side-encryption AES256 accept-ranges bytes server AmazonS3 date Wed, 18 Mar 2020 13:20:50 GMT etag "55b98270d639ef0c34781d9f03cce91f" x-cache Hit from cloudfront via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id 5tZ-XBNchLoLu5N0aKphE6UNduxNJGpFGkOBF3iReVf1isVJBoM9iA== age 568
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.0.0/	84 KB 30 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:816::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 23 Jan 2020 18:41:31 GMT content-encoding gzip x-content-type-options nosniff age 4732960 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 30186 x-xss-protection 0 last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Jan 2021 18:41:31 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 7E57	0 0	33ms 33ms	Document text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNydC5vcmc6NDQz&hl=en&v=qpy2aGtSgsYPZzCoYWjcaBCo&size=normal&cb=y1tm3wfp838a Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-OyPqOvdZDCMmK63FgCbWrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNydC5vcmc6NDQz&hl=en&v=qpy2aGtSgsYPZzCoYWjcaBCo&size=normal&cb=y1tm3wfp838a pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 18 Mar 2020 13:24:11 GMT content-security-policy script-src 'report-sample' 'nonce-OyPqOvdZDCMmK63FgCbWrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10086 server GSE alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
GET H2	200	cmpui-banner.js Show response static.quantcast.mgr.consensu.org/v31/	220 KB 60 KB	20ms 20ms	Script text/javascript	2600:9000:21f3:5400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v31/cmpui-banner.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:5400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8ad98f3fabbc36df3e4377391083730476e36de35def5de3ef8ff885e333bc43 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:11:25 GMT content-encoding gzip last-modified Tue, 17 Mar 2020 20:57:16 GMT server AmazonS3 age 767 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 x-amz-cf-pop FRA2-C2 x-amz-cf-id 0MXIyAkHtZ_W92okjX9-BXGtq9hr_I0JGJ9EPpHJc5MB4cmW6EoAew== via 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
GET H/1.1	200 OK	notifyme.php Show response adtrack.adleadevent.com/	0 520 B	143ms 46ms	XHR application/x-javascript	54.246.118.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.246.118.35 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-246-118-35.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:11 GMT Content-Encoding gzip Last-Modified Wed, 18 Mar 2020 13:24:11 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://adsrt.org Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	video.min.js Show response tags.audionews.fm/dist/	491 KB 113 KB	24ms 24ms	Script application/javascript	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/video.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fc57b49cdcfa478396b186bdd03fdaa108b8975e58d156f41bc011056388728 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:11 GMT server cloudflare age 375 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 575f45c55cb2c295-FRA
GET H2	200	vendorlist.json Show response vendorlist.consensu.org/	95 KB 18 KB	648ms 450ms	XHR application/json	2600:9000:20e2:6600:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/vendorlist.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20e2:6600:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4b1802dd6a4184fdbda7a469f7f7258190ebe8690cbaa24cfd99a588dde61938 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:13 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop IAD79-C2 x-cache Miss from cloudfront status 200 access-control-allow-origin * last-modified Thu, 12 Mar 2020 16:00:30 GMT server AmazonS3 access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id n.U3GT1Xns.dVTg6BaKcbkdHhBEeTGuK via 1.1 17d601c1a37e4e7f1ee73eac5ce62cf4.cloudfront.net (CloudFront) cache-control max-age=604800 content-type application/json; charset=utf-8 x-amz-cf-id nnunrUHXojrNGKxcQzCeaUrj71dkC1IoqpumxFwEyI_X9iGUkYuwHg==
OPTIONS H/1.1	200 OK	custom Show response sendmepush.com/	0 457 B	16ms 16ms	Fetch text/plain	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Access-Control-Request-Method POST Origin https://adsrt.org Referer https://adsrt.org/zPMIAYdY Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Access-Control-Request-Headers content-type Response headers Date Wed, 18 Mar 2020 13:24:11 GMT Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 0
GET H2	200	sw.js Show response adsrt.org/	3 KB 1 KB	10ms 10ms	Fetch application/javascript	2606:4700:3035::681f:5d90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adsrt.org/sw.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:5d90 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f041fbf04472ed4f6b8adee25685977644b5ffbfaa96357fef2c8841e0b10dbc Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Fri, 20 Dec 2019 11:34:18 GMT server cloudflare age 2835 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 575f45c57da96467-FRA
POST H/1.1	200 OK	custom Show response sendmepush.com/	39 B 484 B	17ms 16ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 3baaf370b67b3833a085940b180c62e6 Date Wed, 18 Mar 2020 13:24:11 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET BLOB	200 OK	1eb205a7-1dcb-4df3-8b53-4c536042cb2f https://adsrt.org/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://adsrt.org/1eb205a7-1dcb-4df3-8b53-4c536042cb2f Requested by Host: tags.audionews.fm URL: https://tags.audionews.fm/dist/video.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest worker Response headers Content-Length 31 Content-Type application/javascript
GET H2	200	videojs.ads.min.js Show response tags.audionews.fm/dist/	23 KB 6 KB	22ms 22ms	Script application/javascript	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ads.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6594b0e243c5017d9a9551c307c96ec67632b3f0887b2ca6652fbddec9c278c1 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:04 GMT server cloudflare age 370 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 575f45c5ee65c295-FRA
OPTIONS H/1.1	200 OK	custom Show response sendmepush.com/	0 457 B	23ms 23ms	Fetch text/plain	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Access-Control-Request-Method POST Origin https://adsrt.org Referer https://adsrt.org/zPMIAYdY Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Access-Control-Request-Headers content-type Response headers Date Wed, 18 Mar 2020 13:24:11 GMT Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 0
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame 738D	0 0	17ms 17ms	Document text/html	2a00:1450:4001:809::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=qpy2aGtSgsYPZzCoYWjcaBCo&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&cb=ma9yifr3pm1u Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-flvhoNPcFrctb9zZujTDnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=qpy2aGtSgsYPZzCoYWjcaBCo&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&cb=ma9yifr3pm1u pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 18 Mar 2020 13:24:11 GMT content-security-policy script-src 'report-sample' 'nonce-flvhoNPcFrctb9zZujTDnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1179 server GSE alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
POST H/1.1	200 OK	custom Show response sendmepush.com/	39 B 484 B	17ms 17ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id f176839274efa3f19d1958fcbcdab3fb Date Wed, 18 Mar 2020 13:24:11 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	videojs.ima.js Show response tags.audionews.fm/dist/	81 KB 15 KB	22ms 22ms	Script application/javascript	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/videojs.ima.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4a6277e7af456bcb0adb33a64ec505d626969c1297a61c40a5004b15809e200 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:16 GMT server cloudflare age 3299 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 575f45c61eefc295-FRA
GET H2	200	can-autoplay.min.js Show response tags.audionews.fm/dist/	11 KB 3 KB	12ms 12ms	Script application/javascript	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/can-autoplay.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:06 GMT server cloudflare age 369 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 575f45c64f74c295-FRA
GET H2	200	ads_sticky.js Show response tags.audionews.fm/dist/	4 KB 1 KB	20ms 20ms	Script application/javascript	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/dist/ads_sticky.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0e2644ce85b34abf6a9a8ad7d55ec5b39118092eb4384886c93ea1f52afb70e Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:11 GMT content-encoding br cf-cache-status HIT last-modified Sat, 07 Mar 2020 22:32:07 GMT server cloudflare age 368 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=31536000 cf-ray 575f45c65fc2c295-FRA
GET DATA	200 OK	truncated /	4 KB 4 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a7534f0f0571e65e61cb4cbd07673cbf004f38327cae2a669091a92d6c663de7 Request headers Origin https://adsrt.org User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	bridge3.375.0_en.html imasdk.googleapis.com/js/core/ Frame 850B	0 0	6ms 6ms	Document text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.375.0_en.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority imasdk.googleapis.com :scheme https :path /js/core/bridge3.375.0_en.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 196564 date Tue, 17 Mar 2020 11:12:07 GMT expires Wed, 17 Mar 2021 11:12:07 GMT last-modified Mon, 16 Mar 2020 19:39:10 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 94324 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	26 KB 11 KB	61ms 40ms	Script text/javascript	2a00:1450:4001:806::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:12 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 10523 x-xss-protection 0 expires Wed, 18 Mar 2020 13:24:12 GMT
GET H2	206	ny_2.mp4 tags.audionews.fm/mediafiles/	42 KB 0	287ms 287ms	Media video/mp4	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/mediafiles/ny_2.mp4 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://adsrt.org/zPMIAYdY Sec-Fetch-Dest video Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Wed, 18 Mar 2020 13:24:12 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Mar 2020 22:33:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type video/mp4 Content-Range bytes 0-38500454/38500455 accept-ranges bytes cf-ray 575f45c6d8dec295-FRA Content-Length 38500455
GET H2	206	ny_2.mp4 tags.audionews.fm/mediafiles/	190 KB 191 KB	293ms 293ms	Media video/mp4	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/mediafiles/ny_2.mp4 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68c62d703c76efd136c9b162a852c433e264e5625366a59d90968d80b4057037 Request headers Referer https://adsrt.org/zPMIAYdY Sec-Fetch-Dest video Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=38305792- Response headers date Wed, 18 Mar 2020 13:24:12 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Mar 2020 22:33:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type video/mp4 Content-Range bytes 38305792-38500454/38500455 accept-ranges bytes cf-ray 575f45c97fffc295-FRA Content-Length 194663
GET H2	200	purposes-es.json Show response vendorlist.consensu.org/	4 KB 2 KB	446ms 445ms	XHR application/json	2600:9000:20e2:6600:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/purposes-es.json?timestamp=1584537852584 Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20e2:6600:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 86f659539070ee4c88a5cf981c16053dd7c5af47e9338368e28ea9c9977b0470 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:13 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop IAD79-C2 x-cache Miss from cloudfront status 200 access-control-allow-origin * last-modified Thu, 12 Mar 2020 16:21:06 GMT server AmazonS3 access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id IUNj6qGuAvgLQQpyfLeuX5ZkIE7LwKN9 via 1.1 17d601c1a37e4e7f1ee73eac5ce62cf4.cloudfront.net (CloudFront) cache-control max-age=259200 content-type application/json; charset=utf-8 x-amz-cf-id ojm9MvsNouO_08--61YKUzSzEkyKTrOzmv4sMdcBwUAtoQmhDFJaQA==
GET H2	404	CookieAccess Show response api.quantcast.mgr.consensu.org/	30 B 585 B	336ms 124ms	XHR application/json	99.86.230.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.quantcast.mgr.consensu.org/CookieAccess Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.86.230.4 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-230-4.iad79.r.cloudfront.net Software / Resource Hash 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:13 GMT content-encoding gzip x-amz-cf-pop IAD79-C3 x-amzn-requestid e4e01339-7ebe-4da7-b00a-710b51476dbb x-cache Error from cloudfront status 404 x-amz-apigw-id JloXlGocIAMFw5g= content-length 50 access-control-allow-origin https://adsrt.org x-amzn-trace-id Root=1-5e7220fd-c4f3234407c058508bc129e8;Sampled=0 vary Origin access-control-allow-methods GET, POST content-type application/json via 1.1 7c9d2cffb8d1fe464e9f78e42af1b34d.cloudfront.net (CloudFront) cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type x-amz-cf-id mgV4Pf0FU3qAEPHmTRStXmibeIlsE5I7yIEG4MfYjcYoPzuEJsGa7Q==
GET H2	206	ny_2.mp4 tags.audionews.fm/mediafiles/	163 KB 0	282ms 282ms	Media video/mp4	2606:4700:3035::681f:40fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.audionews.fm/mediafiles/ny_2.mp4 Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::681f:40fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://adsrt.org/zPMIAYdY Sec-Fetch-Dest video Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=32768- Response headers date Wed, 18 Mar 2020 13:24:13 GMT cf-cache-status DYNAMIC last-modified Sat, 07 Mar 2020 22:33:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type video/mp4 Content-Range bytes 32768-38500454/38500455 accept-ranges bytes cf-ray 575f45cdcbbec295-FRA Content-Length 38467687
GET H2	200	logo.png adshort.media/	71 KB 71 KB	75ms 23ms	Image image/png	2606:4700:3035::6812:27b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://adshort.media/logo.png Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6812:27b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f236a83ff6aeadf5ef4a4d0fadcf7e8b58100b16e1b278a28e8c63a08854611 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Wed, 18 Mar 2020 13:24:13 GMT cf-cache-status HIT last-modified Tue, 29 Jan 2019 15:57:47 GMT server cloudflare age 2329 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 575f45cfeabe97d8-FRA content-length 72196
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b1f3b6e8f8bfbdf8c30524544c8b844f42f72a16da547af9b3793488f4ced0d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response audit.quantcast.mgr.consensu.org/	80 B 479 B	641ms 412ms	XHR text/html	99.84.216.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit.quantcast.mgr.consensu.org/?log=;1584537853623;AdShort%20Media;https%3A%2F%2Fadsrt.org%2FzPMIAYdY;;;;;b,off,true,,1,es,31,193,true,false,false;displayConsentUi:mandatory,;GDPR-y786sjhu738ip1o272z8 Requested by Host: static.quantcast.mgr.consensu.org URL: https://static.quantcast.mgr.consensu.org/v31/cmpui-banner.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.216.14 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-216-14.iad79.r.cloudfront.net Software AmazonS3 / Resource Hash 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:15 GMT via 1.1 4c3936cc7f5f36d3966cb34ebcbf91a7.cloudfront.net (CloudFront) vary Origin x-amz-cf-pop IAD79-C1 x-cache Miss from cloudfront status 200 content-length 80 last-modified Mon, 11 Jun 2018 22:07:34 GMT server AmazonS3 etag "0614149d8033903db5de46d6c184bbfd" access-control-max-age 3000 access-control-allow-methods GET content-type text/html access-control-allow-origin * accept-ranges bytes x-amz-cf-id 9o6ftvNPVZtiJ7r6Rnou_T17lEqv-fFMK_OzTjQrgLVmGUB3JKUjaA==
GET H2	302	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsr...	0 -1 B	353ms 23ms	XHR text/plain	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f7740640ca6db%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22b9c72306-ba48-4336-a2c2-e0da87270610%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%223c45050f0bce68%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%228f864b25-b6b4-4651-b787-add70df47774%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22412500442e896a%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22b81dad04-0f55-4db8-8594-9dc0bd0fa761%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22598386a9c70aa5%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22369c02b0-68bb-4047-a4ec-3c68cdae813c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22668178bc4ff401%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%2222a31e96-61ab-4f24-9a69-69e57feb8788%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:21 GMT access-control-allow-origin https://adsrt.org location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f7740640ca6db%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22b9c72306-ba48-4336-a2c2-e0da87270610%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%223c45050f0bce68%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%228f864b25-b6b4-4651-b787-add70df47774%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22412500442e896a%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22b81dad04-0f55-4db8-8594-9dc0bd0fa761%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22598386a9c70aa5%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22369c02b0-68bb-4047-a4ec-3c68cdae813c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22668178bc4ff401%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%2222a31e96-61ab-4f24-9a69-69e57feb8788%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" status 302 access-control-allow-credentials true content-type text/plain content-length 0 Redirect headers date Wed, 18 Mar 2020 13:24:21 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f7740640ca6db%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22b9c72306-ba48-4336-a2c2-e0da87270610%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%223c45050f0bce68%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%228f864b25-b6b4-4651-b787-add70df47774%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22412500442e896a%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22b81dad04-0f55-4db8-8594-9dc0bd0fa761%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22598386a9c70aa5%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22369c02b0-68bb-4047-a4ec-3c68cdae813c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22668178bc4ff401%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%2222a31e96-61ab-4f24-9a69-69e57feb8788%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type text/plain content-length 0
GET H2	302	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsr...	0 -1 B	355ms 25ms	XHR text/plain	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df7e885ea2221%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%222e130136-b2eb-423c-a1ef-a6c7b24e3b78%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2289a01be5ad1cc8%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%227fc84901-6aea-4122-9ac7-f644ddd006d3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%229e55af3404bcfb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%225eabdb58-eec0-4d22-a513-5f0d93213b39%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22100dbc8ee5cff8d%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22758fffb7-6a16-429a-bd39-77c8e91d43a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22118af6f6c421fe2%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%22d55f1bf5-33b5-4135-b219-823fe9e92718%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:21 GMT access-control-allow-origin https://adsrt.org location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df7e885ea2221%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%222e130136-b2eb-423c-a1ef-a6c7b24e3b78%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2289a01be5ad1cc8%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%227fc84901-6aea-4122-9ac7-f644ddd006d3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%229e55af3404bcfb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%225eabdb58-eec0-4d22-a513-5f0d93213b39%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22100dbc8ee5cff8d%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22758fffb7-6a16-429a-bd39-77c8e91d43a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22118af6f6c421fe2%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%22d55f1bf5-33b5-4135-b219-823fe9e92718%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" status 302 access-control-allow-credentials true content-type text/plain content-length 0 Redirect headers date Wed, 18 Mar 2020 13:24:21 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df7e885ea2221%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%222e130136-b2eb-423c-a1ef-a6c7b24e3b78%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2289a01be5ad1cc8%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%227fc84901-6aea-4122-9ac7-f644ddd006d3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%229e55af3404bcfb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%225eabdb58-eec0-4d22-a513-5f0d93213b39%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22100dbc8ee5cff8d%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22758fffb7-6a16-429a-bd39-77c8e91d43a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22118af6f6c421fe2%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%22d55f1bf5-33b5-4135-b219-823fe9e92718%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type text/plain content-length 0
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	75 B 270 B	64ms 24ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=11&formatid=video&size=desktop&country=undefined Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT server nginx x-powered-by PHP/5.4.45 status 200 x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 75 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	624 B 659 B	113ms 73ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=1&formatid=26322&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash c3c530b9481cc827af01f802aa3945a174f38e1d9b557b4b0e77e76176842b06 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 428 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	626 B 654 B	65ms 25ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=2&formatid=26300&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 98d4f89d585f764107590b17475cf4924ae326babd0bf3d0646b18ed54874375 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	628 B 662 B	66ms 26ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=3&formatid=26323&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash e5a2c3acff75cf9732ebcf5b38af34ba113d7bc57bcb384c60058af47e6d6b6e Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 431 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	627 B 663 B	65ms 26ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=4&formatid=26324&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 58e0f41547dbe105c6db8250f3c3137648a24b66f9387e688b8e5bff4dff61a2 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 432 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	633 B 670 B	63ms 25ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=20&formatid=26706&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 4cbcadb1bb58bb4ef5090e5bb893d7cae2c8232e1e8407df90000bb0353a55cc Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 439 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	627 B 660 B	65ms 27ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=19&formatid=26711&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 3bb5c9c00a8e4f99df3a5e04291ea2af0cd53b7351b1173f22be869a16391e3d Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 429 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	631 B 666 B	112ms 73ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=28&formatid=30012&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash f88ef77833a7da81a70bd82ba2c1111676d7a9097a526ea0ef5fb5f3bcf59d1e Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 435 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	628 B 662 B	64ms 25ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=31&formatid=39287&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash c63cc7eb735544b8b1cfc52a54d174bd33b2aeb6aa8883ee4c08b8179e81b92d Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 431 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	ROS Show response ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/	2 B 153 B	358ms 16ms	XHR text/plain	5.178.65.248 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/ROS?rnd=0.7985625357824431&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26300%3A300x250%2B26711%3A300x250%2B26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26323%3A300x600%2C300x250%2B26324%3A120x600%2B26706%3A160x600%2B39287%3A970x250%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2C970x90&ur=https%253A%252F%252Fadsrt.org%252FzPMIAYdY&r=pbjs&pbv=2.44.5&ncb=1&vs=FFFFFFFFFF&crs=UTF-8&fr=https%253A%252F%252Fadsrt.org%252FzPMIAYdY& Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.178.65.248 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT server openresty status 200 content-type text/plain access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-length 2 x-sid AMS-604
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 455 B	29ms 29ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.252 , Germany, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=2592000 content-encoding gzip status 200 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://adsrt.org cache-control no-cache, no-transform access-control-allow-credentials true content-type application/json access-control-allow-headers Content-Type, Origin, Referer, User-Agent, x-ak-clientip
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 705 B	1103ms 27ms	XHR application/json	37.252.172.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:24 GMT X-Proxy-Origin 85.159.237.65; 85.159.237.65; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80 AN-X-Request-Uuid d419dffa-ed0e-44ea-aba8-fe7391bae0dd Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adsrt.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	hb Show response ice.360yield.com/ul_cb/	13 KB 5 KB	76ms 76ms	XHR application/json	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225473f4be5399f4d%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222f7740640ca6db%22%2C%22pid%22%3A%2222205625%22%2C%22tid%22%3A%22b9c72306-ba48-4336-a2c2-e0da87270610%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%223c45050f0bce68%22%2C%22pid%22%3A%2222205626%22%2C%22tid%22%3A%228f864b25-b6b4-4651-b787-add70df47774%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22412500442e896a%22%2C%22pid%22%3A%2222205634%22%2C%22tid%22%3A%22b81dad04-0f55-4db8-8594-9dc0bd0fa761%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22598386a9c70aa5%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%22369c02b0-68bb-4047-a4ec-3c68cdae813c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22668178bc4ff401%22%2C%22pid%22%3A%2222205632%22%2C%22tid%22%3A%2222a31e96-61ab-4f24-9a69-69e57feb8788%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash f09f2f62c4619114806babba0f8a59ec2f1b4089cfb6bbdff811ee1127095668 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 4898
GET H2	200	hb Show response ice.360yield.com/ul_cb/	13 KB 5 KB	51ms 51ms	XHR application/json	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225501f111d842afc%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df7e885ea2221%22%2C%22pid%22%3A%2222205631%22%2C%22tid%22%3A%222e130136-b2eb-423c-a1ef-a6c7b24e3b78%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2289a01be5ad1cc8%22%2C%22pid%22%3A%2222205630%22%2C%22tid%22%3A%227fc84901-6aea-4122-9ac7-f644ddd006d3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%229e55af3404bcfb%22%2C%22pid%22%3A%2222205629%22%2C%22tid%22%3A%225eabdb58-eec0-4d22-a513-5f0d93213b39%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22100dbc8ee5cff8d%22%2C%22pid%22%3A%2222205628%22%2C%22tid%22%3A%22758fffb7-6a16-429a-bd39-77c8e91d43a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22118af6f6c421fe2%22%2C%22pid%22%3A%2222205627%22%2C%22tid%22%3A%22d55f1bf5-33b5-4135-b219-823fe9e92718%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash c7d88a4547f4f838c816f1abafa7afee72d68a14dc35aaf41e6731339e3b41c6 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:21 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 4907
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 2 KB	110ms 34ms	Script application/javascript	185.86.137.42 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=285309&pgid=1045667&fmtid=26300&async=1&visit=m&tmstp=3596360596&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:21 GMT Content-Encoding gzip Vary Accept-Encoding X-SMRT-D 3%3b1%3b108 P3P CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Cache-Control no-cache, no-store Content-Type application/javascript; charset=utf-8 Content-Length 140 Expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	137ms 66ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=26976&f=2&fi=0 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 18 Mar 2020 13:24:22 GMT Server nginx X-IPLB-Instance 20686 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 2 KB	184ms 107ms	Script application/javascript	185.86.137.42 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=285309&pgid=1045667&fmtid=26328&async=1&visit=s&tmstp=3596360596&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&noadcbk=sas.noad Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash fb028f8534028ebf229451fa3c7d42e2848522b054fe5913f5b0df8ead47129c Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:22 GMT Content-Encoding gzip Vary Accept-Encoding X-SMRT-D 3%3b20%3b57 P3P CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Cache-Control no-cache, no-store Content-Type application/javascript; charset=utf-8 Content-Length 140 Expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	2215ms 2079ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=26976&f=6&fi=0 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 18 Mar 2020 13:24:24 GMT Server nginx X-IPLB-Instance 20686 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tbframe.js Show response cdn.taboola.com/shared/ Frame EBBD	14 KB 4 KB	74ms 21ms	Script application/x-javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/shared/tbframe.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq content-encoding gzip age 3819 x-cache HIT status 200 date Wed, 18 Mar 2020 13:24:22 GMT x-amz-replication-status COMPLETED content-length 3897 x-amz-id-2 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY= x-served-by cache-fra19166-FRA last-modified Thu, 14 Apr 2016 14:04:36 GMT server AmazonS3 x-timer S1584537863.937744,VS0,VE0 etag "0c6cdb6c2f89bf98124c3679a3412fb6" vary Accept-Encoding x-amz-request-id 594074B13CFB3805 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/x-javascript abp 5 x-cache-hits 863
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/themonetizer-network/ Frame D0A2	688 KB 173 KB	23ms 23ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/shared/tbframe.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e2185e40115a578054568894a8eca9ee1be2849f9d7f328652662f35698244fb Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id htGJXBDEGGyTLNFXKvWBTYH4yXUd4cpE content-encoding gzip age 8803 x-cache HIT status 200 date Wed, 18 Mar 2020 13:24:22 GMT content-length 177078 x-amz-id-2 DnZqJE57oDI5T+5tX6jIFYrJN0ytlfFT1qLVc7CYKLE0/reWUYJpdpaoOFsy9X+LUFxVfDbHV/M= x-served-by cache-fra19166-FRA last-modified Wed, 18 Mar 2020 10:57:40 GMT server AmazonS3 x-timer S1584537863.984030,VS0,VE0 etag "4109b4c6e3b812804744dd16714f6eb8" vary Accept-Encoding x-amz-request-id 71DE0DDF5287A81C via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 73 x-cache-hits 1033
GET H2	200	impl.20200315-35-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame D0A2	445 KB 126 KB	21ms 21ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 180d0b4abb228f7a8a1c979259041539d5af9db809a6fc02338feb2ceee96634 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id ec0Hn9tNpNjUQkSU0dihT0e7pvNZjqym content-encoding gzip age 50 x-cache HIT status 200 date Wed, 18 Mar 2020 13:24:23 GMT x-amz-replication-status COMPLETED content-length 128752 x-amz-id-2 dxjCKDbN54XPm8gErpYY3ulGI0bBxKBeYVDYjrjfGQJi4FRsx1la7GYmlfc9cDhkAvJNnbNNkco= x-served-by cache-fra19166-FRA last-modified Mon, 16 Mar 2020 07:48:07 GMT server AmazonS3 x-timer S1584537863.067910,VS0,VE0 etag "7b9030df4626f0e70fc7db5ace750ce4" vary Accept-Encoding x-amz-request-id CA15C50E98E583AA via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 5 x-cache-hits 517
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/ Frame D0A2	1 KB 1 KB	66ms 24ms	Script application/x-javascript	23.5.97.37 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-5-97-37.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:23 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Thu, 19 Mar 2020 13:24:23 GMT
GET H2	200	json Show response trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/ Frame D0A2	31 B 385 B	120ms 80ms	Script text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/json?tim=14%3A24%3A23.273&lti=deflated&data=%7B%22id%22%3A787%2C%22ii%22%3A%22%2Fzpmiaydy%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584537863271%2C%22cv%22%3A%2220200315-35-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22285309-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22285309-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-vcl-time-ms 61 date Wed, 18 Mar 2020 13:24:23 GMT content-encoding gzip x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 via 1.1 varnish x-served-by cache-hhn4031-HHN server nginx x-timer S1584537863.320390,VS0,VE61 vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Frame D0A2 Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584537863283&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537863283&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9=	0 248 B	22ms 22ms	Image text/plain	23.5.97.37 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537863283&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-5-97-37.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:23 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537863283&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= Pragma no-cache Date Wed, 18 Mar 2020 13:24:23 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame D0A2	0 56 B	19ms 19ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=14%3A24%3A23.395&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=3227&cv=20200315-35-RELEASE&lt=deflated Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-vcl-time-ms 0 date Wed, 18 Mar 2020 13:24:23 GMT via 1.1 varnish server Varnish x-timer S1584537863.403565,VS0,VE0 x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true x-cache-hits 0 accept-ranges bytes x-sy true retry-after 0 x-served-by cache-hhn4031-HHN
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame D0A2	0 89 B	19ms 19ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=14%3A24%3A23.396&type=error&msg=loadRBox%20failed%2C%20aborting.&id=3629&cv=20200315-35-RELEASE&lt=deflated Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-vcl-time-ms 0 date Wed, 18 Mar 2020 13:24:23 GMT via 1.1 varnish server Varnish x-timer S1584537863.403636,VS0,VE0 x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true x-cache-hits 0 accept-ranges bytes x-sy true retry-after 0 x-served-by cache-hhn4031-HHN
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	31ms 19ms	XHR application/json	2a00:1450:4001:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 82f502f4022cad14acd6d79df56c8232b8cdd1fd7cacb7a94b856b27d6b93b9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Wed, 18 Mar 2020 13:24:24 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 5275 x-xss-protection 0
OPTIONS H/1.1	200 OK	custom Show response sendmepush.com/	0 457 B	42ms 16ms	Fetch text/plain	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Access-Control-Request-Method POST Origin https://adsrt.org Referer https://adsrt.org/zPMIAYdY Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Access-Control-Request-Headers content-type Response headers Date Wed, 18 Mar 2020 13:24:24 GMT Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Content-Length 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 18 Mar 2020 13:24:24 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1582746470043195" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5456 x-xss-protection 0 expires Wed, 18 Mar 2020 13:24:24 GMT
POST H/1.1	200 OK	custom Show response sendmepush.com/	39 B 484 B	40ms 14ms	Fetch application/json	194.187.98.193 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://sendmepush.com/custom Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 194.187.98.193 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS 194.187.98.193.webazilla.com Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers X-Trace-Id 05a499fbf75b9e8a52f77c96915f09c6 Date Wed, 18 Mar 2020 13:24:24 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://adsrt.org Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/209/ Frame CD5F	0 0	6ms 6ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/209/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 5727 date Wed, 18 Mar 2020 12:37:34 GMT expires Thu, 18 Mar 2021 12:37:34 GMT last-modified Tue, 25 Feb 2020 17:32:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2810 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 236 B	14ms 14ms	Image image/gif	2a00:1450:4001:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=3477863130476444&bg=!6eql6vJYOGNKvEsc5VYCAAAAMlIAAAAKmQFVfSrKimW6BZ_IMfu3jjtGbswVS9MVoFXZZ0g7wQS2P1mjJWYRr5fmK_Uz8VPou4EY8qpwvA_0mlcK7imRy8WvpJHGvMINdD3k_eYf8ICqxJkQcjLGs8BCJu9Y9HDI_f6ugGxhPxEqv3hHi6ySrSoAE8ohdfw1m2oiBBoPti4iPKetJsocqW7edYcL8heyenCqmsp6lfhlJLjkvKXstynKOiYOTpqUOBZTlSBUGBvlF20k3XRqHbhKWYVrigyRtDlHkl1mugkIr74yO6z4viFYANULdsK3-aklhdtnDqhryB-gyxpkfVUzoF-5FnRyCqlLkf498C0OvbEiFZ0P_0ykpUaphtHC5vGkH8QnqmvWX7hUHAhbANFy3keHGqEVNCVKRXYfm2TAvVxiEFVMFsqbDMW5K5AAXiw6hoaHGWJQ5PpiDWumuFRZr7k20i65O8hF4GP90Kk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Wed, 18 Mar 2020 13:24:24 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200	12.json Show response id5-sync.com/g/v1/	131 B 438 B	288ms 288ms	XHR text/json	5.39.66.192 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent= Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.39.66.192 , France, ASN16276 (OVH, FR), Reverse DNS s05.id5-sync.com Software / Resource Hash 24d211c862a57a84ad341cc6eba966401cfbb7b4d099c551d74cce64997b6f12 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://adsrt.org Date Wed, 18 Mar 2020 13:24:24 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type text/json;charset=utf-8
GET H2	200	/ onetag-sys.com/usync/ Frame 1BC6	0 0	24ms 21ms	Document text/html	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1584537861582 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.252 , Germany, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1584537861582 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://adsrt.org/zPMIAYdY accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 4785	0 0	66ms 23ms	Document text/html	23.210.249.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-83.deploy.static.akamaitechnologies.com Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://adsrt.org/zPMIAYdY Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://adsrt.org/zPMIAYdY Response headers Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Server nginx/1.9.13 Content-Type text/html Vary Accept-Encoding Access-Control-Allow-Origin * Content-Encoding gzip Content-Length 506 Cache-Control max-age=31536000 Expires Thu, 18 Mar 2021 13:24:25 GMT Date Wed, 18 Mar 2020 13:24:25 GMT Connection keep-alive
GET H2	200	match match.360yield.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fsj3FB9eQNaTaD-LosX-ig&google_cm&publisher_dsp_id=340 https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fsj3FB9eQNaTaD-LosX-ig&google_cm=&publisher_dsp_id=340&google_tc= https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDMsNCxiyVDOMRCyBGXG55E&google_cver=1	43 B 497 B	70ms 24ms	Image image/gif	52.57.77.12 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDMsNCxiyVDOMRCyBGXG55E&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.77.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-77-12.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:25 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers pragma no-cache date Wed, 18 Mar 2020 13:24:25 GMT server HTTP server (unknown) location https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDMsNCxiyVDOMRCyBGXG55E&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	match ice.360yield.com/ul_cb/ Redirect Chain https://id5-sync.com/match?publisher_user_id=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_red... https://id5-sync.com/c/124/124/1/1.gif?puid=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://id5-sync.com/c/124/101/0/2.gif?puid=8add7005-e037-4480-a49e-9be037b1884c&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOrlR6w3rWitlBNc203ijRWqw32h-KhF5XAprNTg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOrlR6w3rWitlBNc203ijRWqw32h-KhF5XAprNTg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA	43 B 453 B	26ms 26ms	Image image/gif	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOrlR6w3rWitlBNc203ijRWqw32h-KhF5XAprNTg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:26 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers status 302 date Wed, 18 Mar 2020 13:24:26 GMT p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 0 location https://ice.360yield.com:443/ul_cb/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOrlR6w3rWitlBNc203ijRWqw32h-KhF5XAprNTg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA content-type text/plain
GET H2	200	match ice.360yield.com/ Redirect Chain https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAA... https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=bc0ea9c9-0911-49e0-82d5-fc5fe46151c8&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQ... https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399	43 B 424 B	26ms 25ms	Image image/gif	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:25 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers pragma no-cache date Wed, 18 Mar 2020 13:24:25 GMT server nginx access-control-allow-origin * location https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399 status 302 cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-length 0 expires -1
GET H2	200	match ad.360yield.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&google_tc= https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&external_user_id=CAESED648Rr8QlrSUHoKG-lgN_Y&google_cver=1	43 B 434 B	36ms 33ms	Image image/gif	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&external_user_id=CAESED648Rr8QlrSUHoKG-lgN_Y&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:25 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers pragma no-cache date Wed, 18 Mar 2020 13:24:25 GMT server HTTP server (unknown) location https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&external_user_id=CAESED648Rr8QlrSUHoKG-lgN_Y&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 374 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	match ice.360yield.com/ Redirect Chain https://id5-sync.com/match?publisher_user_id=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA&publisher_red... https://id5-sync.com/c/124/124/1/1.gif?puid=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://id5-sync.com/c/124/101/0/2.gif?puid=8add7005-e037-4480-a49e-9be037b1884c&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOs6VUzz94gCRT_Gb7muXlKiu957VrZcRFUFqA_g&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA	43 B 452 B	25ms 25ms	Image image/gif	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOs6VUzz94gCRT_Gb7muXlKiu957VrZcRFUFqA_g&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:26 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers Location https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOs6VUzz94gCRT_Gb7muXlKiu957VrZcRFUFqA_g&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA Date Wed, 18 Mar 2020 13:24:25 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload Transfer-Encoding chunked P3P CP="CAO PSA OUR"
GET H2	200	match ice.360yield.com/ul_cb/ Redirect Chain https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ice.360yield.com/match?external_user_id=6327413992027789450&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA https://ice.360yield.com/ul_cb/match?external_user_id=6327413992027789450&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA	43 B 424 B	28ms 27ms	Image image/gif	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/ul_cb/match?external_user_id=6327413992027789450&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:25 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers status 302 date Wed, 18 Mar 2020 13:24:25 GMT p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 0 location https://ice.360yield.com:443/ul_cb/match?external_user_id=6327413992027789450&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAAENDB-AAAAujAAA content-type text/plain
GET H2	200	match match.360yield.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vA6pyQkRSeCC1fxf5GFRyA&google_cm&publisher_dsp_id=340 https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vA6pyQkRSeCC1fxf5GFRyA&google_cm=&publisher_dsp_id=340&google_tc= https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEMHZ6vHLj81uSrgPltYRank&google_cver=1	43 B 497 B	68ms 23ms	Image image/gif	52.57.77.12 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEMHZ6vHLj81uSrgPltYRank&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.77.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-77-12.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:25 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers pragma no-cache date Wed, 18 Mar 2020 13:24:25 GMT server HTTP server (unknown) location https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEMHZ6vHLj81uSrgPltYRank&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	match ice.360yield.com/ Redirect Chain https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQCLAAA... https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=7ec8f714-1f5e-40d6-9368-3f8ba2c5fe8a&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwcCHQ... https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399	43 B 424 B	34ms 34ms	Image image/gif	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 18 Mar 2020 13:24:25 GMT access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers pragma no-cache date Wed, 18 Mar 2020 13:24:25 GMT server nginx access-control-allow-origin * location https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1585747465&external_user_id=1166419448705003399 status 302 cache-control no-cache, no-store, must-revalidate, no-transform strict-transport-security max-age=31536000; includeSubDomains content-length 0 expires -1
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 704 B	26ms 26ms	XHR application/json	37.252.172.38 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:31 GMT X-Proxy-Origin 85.159.237.65; 85.159.237.65; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80 AN-X-Request-Uuid b8e9f63c-7453-44e6-842c-87e906f17979 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adsrt.org Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	302	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsr...	0 -1 B	23ms 22ms	XHR text/plain	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2271496808aa38db1%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%2205908f71-a531-4acc-915f-d1f270ad6840%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 18 Mar 2020 13:24:29 GMT access-control-allow-origin https://adsrt.org location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2271496808aa38db1%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%2205908f71-a531-4acc-915f-d1f270ad6840%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" status 302 access-control-allow-credentials true content-type text/plain content-length 0 Redirect headers date Wed, 18 Mar 2020 13:24:29 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2271496808aa38db1%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%2205908f71-a531-4acc-915f-d1f270ad6840%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type text/plain content-length 0
GET H2	200	ROS Show response ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/	2 B 152 B	14ms 14ms	XHR text/plain	5.178.65.248 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/hb/1/2a156/1/adsrt.org/ROS?rnd=0.7985625357824431&e=26300%3A300x250&ur=https%253A%252F%252Fadsrt.org%252FzPMIAYdY&r=pbjs&pbv=2.44.5&ncb=1&vs=F&crs=UTF-8&fr=https%253A%252F%252Fadsrt.org%252FzPMIAYdY& Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 5.178.65.248 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:29 GMT server openresty status 200 content-type text/plain access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-length 2 x-sid AMS-604
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 455 B	24ms 24ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.252 , Germany, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=2592000 content-encoding gzip status 200 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://adsrt.org cache-control no-cache, no-transform access-control-allow-credentials true content-type application/json access-control-allow-headers Content-Type, Origin, Referer, User-Agent, x-ak-clientip
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	626 B 659 B	13ms 13ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=26976&adid=2&formatid=26300&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 98d4f89d585f764107590b17475cf4924ae326babd0bf3d0646b18ed54874375 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:29 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 428 expires Thu, 19 Mar 2020 13:24:21 GMT
GET H2	200	hb Show response ice.360yield.com/ul_cb/	3 KB 2 KB	31ms 31ms	XHR application/json	52.57.163.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2278ceb9754e86b8b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2226976%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2271496808aa38db1%22%2C%22pid%22%3A%2222205633%22%2C%22tid%22%3A%2205908f71-a531-4acc-915f-d1f270ad6840%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-163-110.eu-central-1.compute.amazonaws.com Software / Resource Hash e4a5f983b10848c6eaf9acdeb47655a1c1da2aff8109f7556b5eecf4d8df6786 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Wed, 18 Mar 2020 13:24:29 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://adsrt.org access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 1776
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 2 KB	39ms 38ms	Script application/javascript	185.86.137.42 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=285309&pgid=1045667&fmtid=26300&async=1&visit=s&tmstp=3596360596&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:28 GMT Content-Encoding gzip Vary Accept-Encoding X-SMRT-D 3%3b23%3b69 P3P CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Cache-Control no-cache, no-store Content-Type application/javascript; charset=utf-8 Content-Length 140 Expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	100ms 100ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=26976&f=2&fi=1 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=26976&formatId=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY Origin https://adsrt.org Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 18 Mar 2020 13:24:29 GMT Server nginx X-IPLB-Instance 20686 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tbframe.js Show response cdn.taboola.com/shared/ Frame 8639	14 KB 4 KB	23ms 23ms	Script application/x-javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/shared/tbframe.js Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq content-encoding gzip age 3826 x-cache HIT status 200 date Wed, 18 Mar 2020 13:24:29 GMT x-amz-replication-status COMPLETED content-length 3897 x-amz-id-2 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY= x-served-by cache-fra19166-FRA last-modified Thu, 14 Apr 2016 14:04:36 GMT server AmazonS3 x-timer S1584537870.631131,VS0,VE0 etag "0c6cdb6c2f89bf98124c3679a3412fb6" vary Accept-Encoding x-amz-request-id 594074B13CFB3805 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/x-javascript abp 5 x-cache-hits 865
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/themonetizer-network/ Frame 3283	688 KB 173 KB	21ms 21ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/shared/tbframe.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash e2185e40115a578054568894a8eca9ee1be2849f9d7f328652662f35698244fb Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id htGJXBDEGGyTLNFXKvWBTYH4yXUd4cpE content-encoding gzip age 8809 x-cache HIT status 200 date Wed, 18 Mar 2020 13:24:29 GMT content-length 177078 x-amz-id-2 DnZqJE57oDI5T+5tX6jIFYrJN0ytlfFT1qLVc7CYKLE0/reWUYJpdpaoOFsy9X+LUFxVfDbHV/M= x-served-by cache-fra19166-FRA last-modified Wed, 18 Mar 2020 10:57:40 GMT server AmazonS3 x-timer S1584537870.677542,VS0,VE0 etag "4109b4c6e3b812804744dd16714f6eb8" vary Accept-Encoding x-amz-request-id 71DE0DDF5287A81C via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 73 x-cache-hits 1035
GET H2	200	impl.20200315-35-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame 3283	445 KB 126 KB	21ms 21ms	Script application/javascript	151.101.14.2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 180d0b4abb228f7a8a1c979259041539d5af9db809a6fc02338feb2ceee96634 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-amz-version-id ec0Hn9tNpNjUQkSU0dihT0e7pvNZjqym content-encoding gzip age 57 x-cache HIT status 200 date Wed, 18 Mar 2020 13:24:29 GMT x-amz-replication-status COMPLETED content-length 128752 x-amz-id-2 dxjCKDbN54XPm8gErpYY3ulGI0bBxKBeYVDYjrjfGQJi4FRsx1la7GYmlfc9cDhkAvJNnbNNkco= x-served-by cache-fra19166-FRA last-modified Mon, 16 Mar 2020 07:48:07 GMT server AmazonS3 x-timer S1584537870.718544,VS0,VE0 etag "7b9030df4626f0e70fc7db5ace750ce4" vary Accept-Encoding x-amz-request-id CA15C50E98E583AA via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 5 x-cache-hits 596
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/ Frame 3283	1 KB 1 KB	21ms 21ms	Script application/x-javascript	23.5.97.37 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-5-97-37.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Wed, 18 Mar 2020 13:24:29 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Thu, 19 Mar 2020 13:24:29 GMT
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Frame 3283 Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584537869733&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537869733&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9=	0 248 B	21ms 21ms	Image text/plain	23.5.97.37 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537869733&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-5-97-37.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 18 Mar 2020 13:24:29 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584537869733&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fadsrt.org%2FzPMIAYdY&c9= Pragma no-cache Date Wed, 18 Mar 2020 13:24:29 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	json Show response trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/ Frame 3283	31 B 135 B	39ms 39ms	Script text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/trc/3/json?tim=14%3A24%3A29.929&lti=deflated&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fzpmiaydy%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584537863271%2C%22cv%22%3A%2220200315-35-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadsrt.org%2FzPMIAYdY%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22285309-PAVE%20HAUT%22%2C%22orig_uip%22%3A%22285309-PAVE%20HAUT%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20200315-35-RELEASE.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers x-vcl-time-ms 19 date Wed, 18 Mar 2020 13:24:29 GMT content-encoding gzip x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 via 1.1 varnish x-served-by cache-hhn4031-HHN server nginx x-timer S1584537870.937279,VS0,VE19 vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame 3283	0 55 B	25ms 23ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=14%3A24%3A29.983&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=2037&cv=20200315-35-RELEASE&lt=deflated Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-vcl-time-ms 0 date Wed, 18 Mar 2020 13:24:29 GMT via 1.1 varnish server Varnish x-timer S1584537870.995787,VS0,VE0 x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true x-cache-hits 0 accept-ranges bytes x-sy true retry-after 0 x-served-by cache-hhn4031-HHN
GET H2	204	debug trc.taboola.com/unknown-site-on-themonetizer-network/log/2/ Frame 3283	0 56 B	24ms 22ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/unknown-site-on-themonetizer-network/log/2/debug?tim=14%3A24%3A29.986&type=error&msg=loadRBox%20failed%2C%20aborting.&id=1206&cv=20200315-35-RELEASE&lt=deflated Requested by Host: adsrt.org URL: https://adsrt.org/zPMIAYdY Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsrt.org/zPMIAYdY User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers x-vcl-time-ms 0 date Wed, 18 Mar 2020 13:24:29 GMT via 1.1 varnish server Varnish x-timer S1584537870.995763,VS0,VE0 x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true x-cache-hits 0 accept-ranges bytes x-sy true retry-after 0 x-served-by cache-hhn4031-HHN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

loadus.exelator.com

URL

https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F2%2F8.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D