nasledard.shokodeal.ru Open in urlscan Pro
91.240.202.161 Public Scan

URL: https://boingboing.net/search
Title: SEARCH

URL: https://store.boingboing.net/
Title: STORE

URL: https://boingboing.net/blog
Title: Blog

URL: https://bbs.boingboing.net/
Title: Forums

URL: https://bbs.boingboing.net/faq
Title: rules

URL: https://bit.ly/boingboingdealssupport
Title: (Contact Support)

URL: https://boingboing.net/signup
Title: Newsletter

URL: https://boingboing.net/about
Title: About Us

URL: https://boingboing.net/contact
Title: Contact Us

URL: https://ads.boingboing.net/
Title: Advertise

URL: https://boingboing.net/privacy
Title: Privacy Policy

URL: https://boingboing.net/tos
Title: TOS

URL: https://boingboing.net/features/getthumbs
Title: Thumbnails

URL: https://boingboing.net/2023/12/22/spotifys-chief-mansplainer-does-an-abrupt-about-face-when-told-he-just-called-out-his-cult-leader.html

URL: https://boingboing.net/tag/maga
Title: maga

URL: https://boingboing.net/author/jason
Title: Jason Weisberger

URL: https://boingboing.net/2023/12/23/founder-of-anti-lgbt-group-moms-for-liberty-filmed-her-own-gay-sex-tape.html

URL: https://boingboing.net/tag/gop
Title: gop

URL: https://boingboing.net/author/rob_beschizza
Title: Rob Beschizza

URL: https://boingboing.net/2023/12/22/hyperloop-one-shuts-down.html

URL: https://boingboing.net/tag/elon-musk
Title: elon musk

URL: https://boingboing.net/2023/12/23/save-64-on-this-python-certification-bundle-and-make-your-coding-dreams-come-true.html

URL: https://boingboing.net/author/boingboingstore
Title: Boing Boing's Shop

URL: https://boingboing.net/2023/12/23/like-having-a-magic-wand-this-game-changing-ipad-stylus-pen-is-only-69-99.html

URL: https://boingboing.net/2023/12/23/nikki-haley-has-caught-up-to-trump-in-latest-poll-of-new-hampshire-republicans-29-to-33-within-error-margin.html

URL: https://boingboing.net/tag/donald-trump
Title: donald trump

URL: https://boingboing.net/2023/12/23/guinness-world-records-refuses-to-recognize-youngsters-record-breaking-gymnastic-hang.html

URL: https://boingboing.net/tag/guinness
Title: guinness

URL: https://boingboing.net/2023/12/23/this-travel-savings-subscription-makes-a-great-gift-for-the-holidays-and-its-on-sale-for-79-97.html

URL: https://boingboing.net/2023/12/23/massachussets-police-search-school-for-copy-of-gender-queer-book.html

URL: https://boingboing.net/tag/books
Title: books

URL: https://boingboing.net/2023/12/23/musician-re-creates-classicchristmas-bells-commercial-using-chocolate-kisses-and-a-circuit-board.html

URL: https://boingboing.net/tag/advertising
Title: advertising

URL: https://boingboing.net/author/jennifersandlin
Title: Jennifer Sandlin

URL: https://boingboing.net/2023/12/23/santa-doesnt-want-cookies-he-wants-beignets.html

URL: https://boingboing.net/2023/12/22/save-174-on-a-lifetime-license-to-microsoft-windows-11-pro-and-never-look-back.html

URL: https://boingboing.net/2023/12/22/surgeon-punches-patient-during-operation.html

URL: https://boingboing.net/tag/china
Title: china

URL: https://boingboing.net/2023/12/22/los-angeles-sheriffs-deputy-shoots-and-kills-domestic-violence-victim-who-called-911-and-its-the-second-time-hes-done-it.html

URL: https://boingboing.net/2023/12/22/were-not-goofing-off-here-clowns-sue-clowns-com.html

URL: https://boingboing.net/author/nataliedressed
Title: Natalie Dressed

URL: https://boingboing.net/2023/12/22/us-government-may-demand-we-stop-considering-potatoes-a-vegetable.html

URL: https://boingboing.net/author/david_pescovitz
Title: David Pescovitz

URL: https://boingboing.net/2023/12/22/severed-limbs-with-sneakers-found-at-thai-recycling-plant-in-container-shipped-from-the-us.html

URL: https://boingboing.net/2023/12/22/florida-man-wanted-for-fishing-inside-bass-pro-shop-and-absconding-with-a-live-tarpon.html

URL: https://boingboing.net/2023/12/22/magaville-tries-to-cancel-black-history-month-and-others.html

URL: https://boingboing.net/tag/politics
Title: politics

URL: https://boingboing.net/2023/12/22/customize-the-lighting-in-your-room-in-the-most-luxurious-way-with-this-floor-lamp-now-55.html

URL: https://boingboing.net/2023/12/22/last-chance-to-get-a-high-end-apple-watch-before-theyre-pulled-from-shelves-over-patent-ruling.html

URL: https://boingboing.net/tag/apple
Title: apple

URL: https://boingboing.net/2023/12/22/adorable-cat-suprised-by-printer.html

URL: https://boingboing.net/tag/cats
Title: cats

URL: https://boingboing.net/author/popkin
Title: Popkin

URL: https://boingboing.net/2023/12/22/meet-the-online-community-that-staples-bread-to-trees.html

URL: https://boingboing.net/tag/trees
Title: trees

URL: https://boingboing.net/2023/12/22/a-simple-maze-generator.html

URL: https://boingboing.net/tag/websites
Title: websites

URL: https://boingboing.net/2023/12/22/the-meat-card-will-deliver-your-holiday-greetings-along-with-sexist-stereotypes-via-a-sheet-of-beef-jerky.html

URL: https://boingboing.net/2023/12/22/goats-in-coats-provide-the-perfect-animal-asmr.html

URL: https://boingboing.net/tag/goats-in-coats
Title: goats in coats

URL: https://boingboing.net/2023/12/21/give-the-gift-of-knowledge-with-this-educational-and-language-learning-subscription-for-only-189-99.html

URL: https://boingboing.net/2023/12/21/tsa-cites-man-for-loaded-diaper-that-turns-out-to-be-illegal.html

URL: https://boingboing.net/tag/guns
Title: guns

URL: https://boingboing.net/author/carlasinclair
Title: Carla Sinclair

URL: https://boingboing.net/2023/12/21/harvard-president-under-fire-for-more-alleged-plagiarism.html

URL: https://boingboing.net/tag/plagiarism
Title: plagiarism

URL: https://boingboing.net/author/mark_frauenfelder_1
Title: Mark Frauenfelder

URL: https://boingboing.net/page/2
Title: Next

URL: https://sellwild.com/sell?p=boingboing&utm_source=boingboing&utm_content=widget-header
Title: POST FOR FREE, GET FEATURED HERE

URL: https://sellwild.com/product/104341735/?p=boingboing&utm_source=boingboing
Title: $36,000 Rolex datejust 36mm Blue Oyster dial with Diamonds $36,000

URL: https://sellwild.com/product/104343678/?p=boingboing&utm_source=boingboing
Title: $45 Coach Slip-on Flat Shoes Size 8.5 $45

URL: https://sellwild.com/product/104332127/?p=boingboing&utm_source=boingboing
Title: $325 GoPro Hero 11 Black (5.3K video) $325

URL: https://sellwild.com/product/104341906/?p=boingboing&utm_source=boingboing
Title: $300 Jordan Retro 1 Tribe called quest $300

URL: https://sellwild.com/post?p=boingboing&utm_source=boingboing&utm_content=watermark

URL: https://sellwild.com/post?p=boingboing&utm_source=boingboing&utm_content=watermark-popover
Title: These for sale listings + lightweight ads are from the Sellwild Marketplace. Click to sell your own items for FREE (featured here & on other top sites with millions of daily users).

URL: https://creativecommons.org/licenses/by-nc-sa/3.0/deed.en_US
Title: a Creative Commons license

URL: https://twitter.com/frauenfelder
Title: Mark Frauenfelder

URL: https://twitter.com/pesco
Title: David Pescovitz

URL: https://twitter.com/beschizza
Title: Rob Beschizza

URL: https://twitter.com/carla_sinclair
Title: Carla Sinclair

URL: https://twitter.com/jlw
Title: Jason Weisberger

URL: https://twitter.com/orenwolf
Title: Ken Snider

URL: https://boingboing.net/advertise
Title: Advertise

URL: https://ads.freestar.com/?utm_campaign=branding&utm_medium=${product}&utm_source=${window.freestar.fsdata.domain}&utm_content=${this.placement.name}
Title: Freestar.com

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://sb.scorecardresearch.com/b?c1=2&c2=7518287&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404876123&ns_c=UTF-8&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7518287&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404876123&ns_c=UTF-8&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&c9=

Request Chain 94

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&adnxs_id=1067000970582424152&gdpr=0

Request Chain 95

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703404877-OVQDG63P-6OWX&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703404877-OVQDG63P-6OWX&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=06520073-fb72-4ed5-983e-803febf0635f&id=AU1D-0100-001703404877-OVQDG63P-6OWX

Request Chain 96

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=89650751-3BF3-4D23-9052-3F05C2D55689&id=AU1D-0100-001703404877-OVQDG63P-6OWX

Request Chain 98

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001703404877-OVQDG63P-6OWX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001703404877-OVQDG63P-6OWX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001703404877-OVQDG63P-6OWX%252526tapad_id%25253D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=06520073-fb72-4ed5-983e-803febf0635f&ttd_puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001703404877-OVQDG63P-6OWX%2526tapad_id%253D5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&tapad_id=5242fdf3-107d-47a2-b8fa-e97d01d08b23

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001703404877-OVQDG63P-6OWX&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&google_gid=CAESEKhcpaHdfzA6U9Njvx1vWoI&google_cver=1&google_ula=450542624,0

Request Chain 100

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNDg3Ny1PVlFERzYzUC02T1dY

Request Chain 101

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=3721385948713308019&id=AU1D-0100-001703404877-OVQDG63P-6OWX

Request Chain 102

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26auid%3DAU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26auid%3DAU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=9b0c319b-a4d1-4c37-b066-69c9471a2c05&id=AU1D-0100-001703404877-OVQDG63P-6OWX&auid=AU1D-0100-001703404877-OVQDG63P-6OWX

Request Chain 103

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001703404877-OVQDG63P-6OWX HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=Ebtx9v6avFz1&ev=1&pid=562316&id=AU1D-0100-001703404877-OVQDG63P-6OWX

Request Chain 105

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 115

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=168345&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&tsrnd=460_1703404877946&vrref=nasledard.shokodeal.ru&jsver=5.4&abtp=95&abtg=A HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=168345&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&tsrnd=460_1703404877946&vrref=nasledard.shokodeal.ru&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=ajT7DykrFe&nc=false&trid=2031240876

Request Chain 173

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7AAZ4-1B-CRAW

Request Chain 242

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26advId%3D98%26advUuid%3D HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=36918c6d-c7ef-4c79-ba2e-e1b310f90c1c HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=36918c6d-c7ef-4c79-ba2e-e1b310f90c1c

Request Chain 247

https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sekindo&bidswitch_custom_parameter=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd HTTP 302
https://x.bidswitch.net/sync?dsp_id=317&user_id=9c9264f1451658e21d84d7e4ef495bd4&expires=30&ssp=sekindo&bsw_param=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd

Request Chain 248

https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=9ae2a05d-6f4b-4b88-8d4d-15887f7e5bba&gdpr_consent=null&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=9ae2a05d-6f4b-4b88-8d4d-15887f7e5bba

Request Chain 249

https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZYflVG8tfarUEZN0xqK2lwAA%261263 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYflVG8tfarUEZN0xqK2lwAA%261263

Request Chain 250

https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3049164651886911251109 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3049164651886911251109

Request Chain 251

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ7AB14-J-6834&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7AB14-J-6834

Request Chain 252

https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-TtCVVyhE2uJF2AJTF5iIVRRjj5WGZbn1~A HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-TtCVVyhE2uJF2AJTF5iIVRRjj5WGZbn1~A

Request Chain 253

https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=0e429d77bd9a4993aaacbe8ed5a340e3 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0e429d77bd9a4993aaacbe8ed5a340e3

Request Chain 254

https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=6587e5503e967&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3464064835721631000V10 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3464064835721631000V10

Request Chain 255

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H36BjLZHD0I_8YN-TemHg7ic HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H36BjLZHD0I_8YN-TemHg7ic

Request Chain 256

https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=5242c14bc6ee0b5b49d4dde4a4ab3b8&gdpr_consent=&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=5242c14bc6ee0b5b49d4dde4a4ab3b8

Request Chain 257

https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=2a2f467e-6502-4a2f-bca6-d172fd2e353a HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=2a2f467e-6502-4a2f-bca6-d172fd2e353a

Request Chain 258

https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5513585797723259336 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5513585797723259336

Request Chain 260

https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent= HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=465f9c0b-c13d-4108-9e74-edb29105c1bd&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=465f9c0b-c13d-4108-9e74-edb29105c1bd

Request Chain 261

https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1703404883456 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6403989308 HTTP 302
https://sync.1rx.io/usersync/turn/3721385948713308019?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005

Request Chain 299

https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba HTTP 302
https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

Request Chain 305

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 307

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid

Request Chain 325

https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1

Request Chain 335

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 336

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIaUhFN0xEOHNBQUJiTi1zYWpoZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://sync.technoratimedia.com/services?uid=AAHiHE7LD8sAABbN-sajhg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DCCB24E123ADE44AB92F926491896CFED%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526bee_sync_partners%253Dsas%25252Cpp%25252Cpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D2%26uid%3D HTTP 302
https://sync.technoratimedia.com/services?srv=cs&nuid=CCB24E123ADE44AB92F926491896CFED&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&uid=ZYflVG8tfarUEZN0xqK2lwAA%261263 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAHiHE7LD8sAABbN-sajhg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5513585797723259336&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAHiHE7LD8sAABbN-sajhg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5513585797723259336%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5513585797723259336&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAHiHE7LD8sAABbN-sajhg&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHiHE7LD8sAABbN-sajhg&gdpr=0&gdpr_consent=

Request Chain 338

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iWUHUTvzTSOQUj8FwtVWiQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 339

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=89650751-3BF3-4D23-9052-3F05C2D55689 HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1067000970582424152&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Request Chain 341

https://eb2.3lift.com/xuid?mid=7976&xuid=89650751-3BF3-4D23-9052-3F05C2D55689&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=89650751-3BF3-4D23-9052-3F05C2D55689&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 342

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk2NTA3NTEtM0JGMy00RDIzLTkwNTItM0YwNUMyRDU1Njg5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhDzaCJYA712p7RCKhy7Kw&google_cver=1

Request Chain 344

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B951624FAB8C4F00B53129B5A511D369 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

Request Chain 345

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=

Request Chain 347

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7AirhihE2uXAeSG0WsrtjbvVKmHinDo-~A&gdpr=0

Request Chain 348

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5d76d17d2062396&is_secure=true&networkId=17100&version=1&nuid=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABlK4lXBTyYQN6eTnuAAAAAAA&expiration=1703491283&nuid=89650751-3BF3-4D23-9052-3F05C2D55689&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=

Request Chain 349

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8c31b69d-1a38-431e-9d70-8193fead3720&gdpr=0&gdpr_consent=

Request Chain 354

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zV1Lwwll1wySktIvmzy HTTP 302
https://ads.yieldmo.com/v000/sync?tdid=06520073-fb72-4ed5-983e-803febf0635f

Request Chain 355

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3zV1Lwwll1wySktIvmzy HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Request Chain 356

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
https://ads.yieldmo.com/v000/sync?userid=1067000970582424152&pn_id=an

Request Chain 357

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
https://pmp.mxptint.net/sn.ashx?&gdpr=-1&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10E2F3A93_B3AD5E90&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 358

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=06520073-fb72-4ed5-983e-803febf0635f&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 359

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzA0OTE2NDY1MTg4NjkxMTI1MTEwOQ%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMwc7zuxsQBUHMbM5b5CGY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 361

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzA0OTE2NDY1MTg4NjkxMTI1MTEwOQ%3D%3D

Request Chain 363

https://pr-bh.ybp.yahoo.com/sync/triplelift/3049164651886911251109?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MXAkxJ1E2oSJVS6IXd0HJM6d5P0qDbvcyVesp3F.gw--~A&dongle=0883

Request Chain 364

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3049164651886911251109&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=766899071072940048&ssp=triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 366

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=1067000970582424152&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 370

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3464064835721631000V10

Request Chain 378

https://ups.analytics.yahoo.com/ups/58827/sync?redir=true&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-MifaKW5E2uJyaqqKKO5MF8f6YD7llsAH~A

Request Chain 381

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd

Request Chain 386

https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID

Request Chain 387

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1067000970582424152&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

Request Chain 389

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYflVAAJQ5kLrwBU

Request Chain 390

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=36b5e0d6-f1a9-4c45-9ebe-a704f0fe01cf&ssp=pubmatic&gdpr=0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 391

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=L2roZ3xq5WA0PeZkemv9aX085mE0a-AxLGhtD3jK HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

Request Chain 393

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 394

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470221362856718 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

Request Chain 395

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-VseCc0jUpxV70YNFp8ifGuvZsA&gdpr=0&gdpr_consent=

Request Chain 397

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RtHr2DBw1Rhjqy5&gdpr=0&gdpr_consent=

Request Chain 400

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU541a835bedef4c8d900f0cc19e6264a4

Request Chain 405

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7370720806 HTTP 302
https://sync.1rx.io/usersync/turn/3721385948713308019?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005

Request Chain 409

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B951624FAB8C4F00B53129B5A511D369&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 411

https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=89650751-3BF3-4D23-9052-3F05C2D55689 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689

Request Chain 413

https://us-u.openx.net/w/1.0/sd?id=540245193&val=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

Request Chain 416

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 417

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=

Request Chain 418

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=872373289210744526

Request Chain 423

https://idsync.rlcdn.com/712188.gif?partner_uid=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDg5NjUwNzUxLTNCRjMtNEQyMy05MDUyLTNGMDVDMkQ1NTY4ORAAGg0I2MqfrAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=c1251b47bb1d3dc31e5508b07fb6870f97c7f9374eca716327564680f787450e791426b5417dce21&_=2 HTTP 307
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=05113914

Request Chain 424

https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/gdpr_consent=

Request Chain 428

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYflVG8tfarUEZN0xqK2lwAA%261263&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYflVG8tfarUEZN0xqK2lwAA%261263&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8eac0a2b848d4c4b9b94f1afde794591 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8eac0a2b-848d-4c4b-9b94-f1afde794591 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=890f50b9-8691-42a0-8394-8d10ad39a0ce%3A1703404885.1611774&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D890f50b9-8691-42a0-8394-8d10ad39a0ce%253A1703404885.1611774%26pid%3D500040%26it%3D1%26iv%3D890f50b9-8691-42a0-8394-8d10ad39a0ce%253A1703404885.1611774%26_%3D1703404885.1631556&cb=1703404885.1631992 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969470221362856718&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D890f50b9-8691-42a0-8394-8d10ad39a0ce%253A1703404885.1611774%26pid%3D500040%26it%3D1%26iv%3D890f50b9-8691-42a0-8394-8d10ad39a0ce%253A1703404885.1611774%26_%3D1703404885.1631556 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=890f50b9-8691-42a0-8394-8d10ad39a0ce%3A1703404885.1611774&pid=500040&it=1&iv=890f50b9-8691-42a0-8394-8d10ad39a0ce%3A1703404885.1611774&_=1703404885.1631556 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1703404885.1631556&iv=890f50b9-8691-42a0-8394-8d10ad39a0ce:1703404885.1611774

Request Chain 429

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYflVG8tfarUEZN0xqK2lwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMxdI-DC-KsOlSiSZ_lxMWQ&google_cver=1

Request Chain 430

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06520073-fb72-4ed5-983e-803febf0635f&expiration=1705996884&gdpr=0&gdpr_consent=

Request Chain 432

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470221362856718

Request Chain 433

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB

Request Chain 434

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=42d100b86a5e05f5&is_secure=true&networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABsXUNkSdzPQM_baM7AAAAAAA&expiration=1703491284&is_secure=true

Request Chain 435

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-VseCc0jUpxV70YNFp8ifGuvZsA

Request Chain 444

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=465f9c0b-c13d-4108-9e74-edb29105c1bd

Request Chain 449

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LQJ7ADLP-26-FVG8&ex=d-rubiconproject.com&status=ok

Request Chain 450

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ7ADLP-26-FVG8

Request Chain 451

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyNzFkNzU2NGNiMDBhZTA2ZDEwNjY3OTNmMjFjYjMzYmY5YWQyMQ

Request Chain 452

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Y4b3Sh_gA5BV6yIvktLF-8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NWsJx6FE2oKHHn3Npnk7g4s534NcK_boMJGn0w--~A

Request Chain 453

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFKN0FETFAtMjYtRlZHOA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJki8C5TC1DKE8Ig-NqS0Gg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKN0FETFAtMjYtRlZHOA==&google_push=

Request Chain 454

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKHntigEaXjvIisQodLJVH8&google_cver=1

Request Chain 456

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PaVOQ6c8ThKs-SiNlVPV3g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PaVOQ6c8ThKs-SiNlVPV3g

Request Chain 457

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=&expires=30

Request Chain 458

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiHE7LD8sAABbN-sajhg&expires=30

Request Chain 459

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LQJ7ADLP-26-FVG8&pId=11&gdpr=&gdpr_consent=&us_privacy=

Request Chain 460

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8

Request Chain 461

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ7ADLP-26-FVG8

Request Chain 462

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ7ADLP-26-FVG8

Request Chain 463

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ7ADLP-26-FVG8&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQJ7ADLP-26-FVG8&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JTzk5anF0RTJ1RV9PRk5ZZzExMkFoaEtFaXVDWHNCU35B&ovsid=LQJ7ADLP-26-FVG8&dpid=58160

Request Chain 464

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f7df25a-1df4-45ee-a4e6-084e00db2fb8&expires=30

Request Chain 465

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1--- HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ7ADLP-26-FVG8&us_privacy=1--- HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7ADLP-26-FVG8

Request Chain 466

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LQJ7ADLP-26-FVG8&us_privacy=1---

Request Chain 467

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---

Request Chain 468

https://c1.adform.net/serving/cookie/match?party=1164&us_privacy=1--- HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1164&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6759941563391600214

Request Chain 469

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=1b816740-afaa-472b-84d1-bb5ea3d8a965&us_privacy=1---

Request Chain 470

https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1--- HTTP 302
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ7ADLP-26-FVG8&us_privacy=1---

Request Chain 471

https://sync.srv.stackadapt.com/sync?nid=14&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-VseCc0jUpxV70YNFp8ifGuvZsA

Request Chain 472

https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=95862dc0-a378-44f6-8137-4c9e8e3ec4d7

Request Chain 473

https://ad.turn.com/r/cs?pid=6&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3721385948713308019&expires=60&gdpr=&gdpr_consent=

Request Chain 474

https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1067000970582424152&expires=30&us_privacy=1---

Request Chain 475

https://sync.1rx.io/usersync2/rubicon?us_privacy=1--- HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005%26expires%3D30%26us_privacy%3D1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005&expires=30&us_privacy=1---

Request Chain 476

https://id.rlcdn.com/709414.gif?us_privacy=1--- HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 477

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&us_privacy=1--- HTTP 302
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---

Request Chain 478

https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1--- HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQJ7ADLP-26-FVG8&name=RUBICON&us_privacy=1---

Request Chain 479

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&us_privacy=1--- HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&expires=360&gdpr=0&gdpr_consent=

Request Chain 480

https://pixel.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1--- HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LQJ7ADLP-26-FVG8&us_privacy=1--- HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ7ADLP-26-FVG8&ts=1703404886&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 488

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Dad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=

Request Chain 489

https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?pid=562769&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fcs.krushmedia.com%2F6829e4c09c04a0b5e4044d4285b718db.gif%3Fpuid%3D%25%25VGUID%25%25 HTTP 302
https://cs.krushmedia.com/6829e4c09c04a0b5e4044d4285b718db.gif?puid=Ebtx9v6avFz1&ev=1&us_privacy=${us_privacy}&pid=562769 HTTP 302
https://cs.minutemedia-prebid.com/cs?aid=21498&id=9b176146-0475-543f-b62b-17e637b89527

Request Chain 490

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=KTsYfKF5Hx0Y0On6qevhkixyEShB4ZgndQtvZPJLtek&pi=sovrn&gdpr=0&gdpr_consent=&tc=1

Request Chain 491

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=36b5e0d6-f1a9-4c45-9ebe-a704f0fe01cf

Request Chain 492

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8&gdpr=0

Request Chain 493

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://ce.lijit.com/merge?3pid=AAHiHE7LD8sAABbN-sajhg&pid=85&gdpr=0

Request Chain 497

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Request Chain 502

https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=89650751-3BF3-4D23-9052-3F05C2D55689 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689

Request Chain 514

https://id5-sync.com/i/882/8.gif?id5id=ID5*9TgQbitbpmH7F56hs_k3X6uCAByChNb5VEtE0E6TJIR3VJY6tVkfnmq7yxMiHQPud1VnpwuEUKUotNkfMLe6-g&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/882/2/7/2.gif?puid=1067000970582424152&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/882/796/6/3.gif?puid=7f7df25a-1df4-45ee-a4e6-084e00db2fb8&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=1067000970582424152&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1246%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/882/1246/5/4.gif?puid=H36BjLZHD0I_8YN-TemHg7ic&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3b507QGDPz1Nu_91oxIBbdglQkTe86eSEWGOiMkB2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3b507QGDPz1Nu_91oxIBbdglQkTe86eSEWGOiMkB2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F4%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/882/124/4/5.gif?puid=4af92d3d-f523-4f73-a502-195ea443c679&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F203%2F3%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/882/203/3/6.gif?puid=1b816740-afaa-472b-84d1-bb5ea3d8a965&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=06520073-fb72-4ed5-983e-803febf0635f&ttl=%%TTL%% HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/882/434/1/8.gif?puid=6921db60-8cf2-449a-8280-2481830cb1fb&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/882/108/0/9.gif?puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&gdpr=0&gdpr_consent=

Request Chain 520

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYflVAAJQ5kLrwBU

Request Chain 523

https://match.adsrvr.org/track/cmf/openx?oxid=b24c28fe-2d5d-73cb-e39d-7d995065e301&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=06520073-fb72-4ed5-983e-803febf0635f&ttd_puid=b24c28fe-2d5d-73cb-e39d-7d995065e301&gdpr=0&gdpr_consent=

Request Chain 525

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFL7GrXsnT5ctiPXfUKuxSo&google_cver=1

Request Chain 527

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=

Request Chain 530

https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
https://id.rlcdn.com/464246.gif?partner_uid=edb62f49-b98c-44fb-b70e-78337c7ae2f6 HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=785e6c9be484ac6ab49702a5ef9257229c51e4826ded9d6b01479fe9cb3e14f6791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=785e6c9be484ac6ab49702a5ef9257229c51e4826ded9d6b01479fe9cb3e14f6791426b5417dce21&rand=06109510

Request Chain 531

https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1067000970582424152

Request Chain 532

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 538

https://x.bidswitch.net/sync?ssp=huddledmss HTTP 302
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=huddledmss&gdpr=&gdpr_consent=&us_privacy= HTTP 303
https://x.bidswitch.net/sync?user_id=AAHiHE7LD8sAABbN-sajhg&dsp_id=269&expires=5&ssp=huddledmss HTTP 302
https://sync.colossusssp.com/bidswitch.gif?puid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd HTTP 302
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f

Request Chain 539

https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID HTTP 302
https://sync.colossusssp.com/ap.gif?puid=1067000970582424152 HTTP 302
https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus

Request Chain 540

https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1 HTTP 302
https://sync.colossusssp.com/td.gif?puid=06520073-fb72-4ed5-983e-803febf0635f&ttl=1705996896 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=colossus

Request Chain 542

https://id.rlcdn.com/712075.gif?ct=2&cv= HTTP 307
https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid= HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=colossus

Request Chain 543

https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=3zV1Lwwll1wySktIvmzy&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA] HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=874554c6-54cd-42df-ac8b-523514fbc48f HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=69768614742219326251872147515863441461&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Request Chain 546

https://match.prod.bidr.io/cookie-sync/col HTTP 303
https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AAHiHE7LD8sAABbN-sajhg HTTP 302
https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus

Request Chain 547

https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=874554c6-54cd-42df-ac8b-523514fbc48f HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Request Chain 548

https://t.adx.opera.com/pub/sync?pubid=pub9891457922432 HTTP 302
https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU743f45a610bf4674a78d351a78902a34 HTTP 302
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f

Request Chain 551

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK42cFUTb8ochlWugZ_wMNY&google_cver=1

Request Chain 553

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1067000970582424152

Request Chain 554

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5242c14bc6ee0b5b49d4dde4a4ab3b8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume3124_7316077244501266413&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTI0MmMxNGJjNmVlMGI1YjQ5ZDRkZGU0YTRhYjNiOA==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHBo75wkvyppqHH7JfZyYi0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/5242c14bc6ee0b5b49d4dde4a4ab3b8?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-rNgO13RE2oP8.kEqlkuEKVR1PML.04Ctq5961owm~A HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://ads.stickyadstv.com/user-registering?userId=AAHiHE7LD8sAABbN-sajhg&dataProviderId=817&gdpr=0 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=WHQkI6km1Rhjqy5&gdpr=0 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1067000970582424152&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=

Request Chain 555

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6426327277908847192&expiration=1704614497

Request Chain 556

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B951624FAB8C4F00B53129B5A511D369

Request Chain 558

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=258ba699-6871-9a3b-ad79d527

564 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nasledard.shokodeal.ru/ 88 KB
17 KB 552ms
178ms Document
text/html 91.240.202.161
SERVINGA-UK

General

Check archive.org

Show headers Download Go to

Full URL

https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.240.202.161 Manchester, United Kingdom, ASN212228 (SERVINGA-UK, DE),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

751488b92384d971abd1821a36b7106b9d9f3284ff501d079ffee738f6431fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 392
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=900
cf-cache-status: HIT
cf-edge-cache: cache,platform=wordpress
cf-ray: 83a750b76f7b776f-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:01:15 GMT
expires: Sun, 24 Dec 2023 07:52:52 GMT
last-modified: Sun, 24 Dec 2023 07:47:52 GMT
server: nginx/1.24.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-clacks-overhead: GNU Terry Pratchett
x-server: ip-10-10-21-209.ca-central-1.compute.internal

GET
H2 200 style.min.css
c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/ 107 KB
13 KB 76ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 23 Dec 2024 08:01:15 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 11 KB
3 KB 75ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 23 Dec 2024 08:01:15 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 4 KB
1 KB 74ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 23 Dec 2024 08:01:15 GMT

GET
H2 200 style.min.css
boingboing.net/wp-content/themes/boing/assets/styles/ 89 KB
12 KB 117ms
45ms Stylesheet
text/css 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boingboing.net/wp-content/themes/boing/assets/styles/style.min.css?ver=1703013827

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d0d1d10bd85ba5b22149a46589f319bdfc9d6463cc580a83d493b05be34b4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 390865
alt-svc: h3=":443"; ma=86400
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 19 Dec 2023 19:23:47 GMT
server: cloudflare
etag: W/"164e6-60ce1ce3c4458-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=2592000
x-server: ip-10-10-21-215.ca-central-1.compute.internal
cf-ray: 83a750b87d9da1d8-YYZ
expires: Wed, 20 Dec 2023 19:26:50 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/12.9.1/css/ 99 KB
17 KB 73ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.9.1/css/jetpack.css

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 18 Dec 2023 16:25:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 23 Dec 2024 08:01:15 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 86 KB
29 KB 75ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 23 Dec 2024 08:01:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 13 KB
5 KB 74ms
23ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 23 Dec 2024 08:01:15 GMT

GET
H2 200 advanced.min.js Show response
boingboing.net/wp-content/plugins/advanced-ads/public/assets/js/ 7 KB
3 KB 113ms
42ms Script
application/javascript 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boingboing.net/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.48.1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ff2f173784b131e58f376088dfd9f53aedfcbc9feb5a65d5f90d671f9b8e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 390865
alt-svc: h3=":443"; ma=86400
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 14 Dec 2023 05:26:46 GMT
server: cloudflare
etag: W/"1d9d-60c71879d7528-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=2592000
x-server: ip-10-10-21-215.ca-central-1.compute.internal
cf-ray: 83a750b87da0a1d8-YYZ
expires: Wed, 20 Dec 2023 19:26:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
89 KB 110ms
49ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X0MTXTYEJ1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f10.1e100.net

Software

Google Tag Manager /

Resource Hash

03275b815b9b4f839842727bcd1cd0b205dbc4569a46b619cfbb8528b9ce3923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 08:01:15 GMT

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ 7 KB
7 KB 127ms
42ms Script
application/octet-stream 104.18.42.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b8eb6f627d2b3b6087c9b80548a1822bfd63f5dcea868f996a4c5e0932863e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-amz-version-id: z_dySaxByB9wbNOD5Bjh5jqsWk6A7Mwx
cf-cache-status: HIT
x-amz-request-id: MN92479G0TQRBTPV
age: 3468
content-length: 6659
x-amz-id-2: oRJLmLBqqZjN50XuBqWnAYPDJQ76wNxdpWMRU0Oox+autrRsDzogZSwC5UM1FU2f69RZcpS97pU=
x-amz-expiration: expiry-date="Tue, 13 Nov 2029 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Mon, 14 Nov 2022 15:41:58 GMT
server: cloudflare
etag: "aa008fe9bcc41b4a3eb716f1d30027b2"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83a750b89bb93a04-YYZ
expires: Sun, 24 Dec 2023 12:01:15 GMT

GET
H2 200 cls.css
a.pub.network/boingboing-net/ 1 KB
919 B 176ms
102ms Stylesheet
text/css 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/boingboing-net/cls.css
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 555b7185111adafc86047b2fe7b9922d8782d27650abc9f57e5d62ee4eafc0a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPr4ciCw03XG3GlPa-wllPxekjTiILxH1A9sPaN6QGu69HCSc75bsZ4PIbu6bMCSwPFE0QDlP18mlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 20 Dec 2023 15:26:15 GMT
server: cloudflare
etag: W/"3af25813be5a11e5a4e0810363ed674a"
vary: Accept-Encoding
x-goog-hash: crc32c=b53CjA==, md5=OvJYE75aEeWk4IEDY+1nSg==
x-goog-generation: 1702324270931450
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 1314
cf-ray: 83a750b88c21543d-YYZ
expires: Sun, 24 Dec 2023 08:31:15 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/boingboing-net/ 50 KB
19 KB 40ms
40ms Script
application/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/boingboing-net/pubfig.min.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2b51ecfe83a20af8e2999be5af696495d98bbbdf76dfc2536ff42121767c24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163785
x-guploader-uploadid: ABPtcPoRJ8QxK9yre2A4X0xclvN-Z5UZxm-AfqhfLkDZsWHETSXQZ49pKyA0jV6ix7zwOX9WYJ-pMdixYA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 19 Dec 2023 20:14:19 GMT
server: cloudflare
etag: W/"e9f440fdb9d2c42ded6eadadb9520bce"
vary: Accept-Encoding
x-goog-generation: 1703016859796491
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=6d56IQ==, md5=6fRA/bnSxC3tbq2tuVILzg==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 51445
cf-ray: 83a750b97d56543d-YYZ
link: <https://d.pub.network/v2/sites/boingboing-net/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Sun, 24 Dec 2023 08:31:15 GMT

GET
H3 200 logo-boingboing.png
boingboing.net/wp-content/themes/boing/assets/images/ 548 B
1000 B 46ms
44ms Image
image/webp 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://boingboing.net/wp-content/themes/boing/assets/images/logo-boingboing.png

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac0581f2a0b5bacf612c624ca7f734ce5497e51d3ef5decb9c66b23168c492e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 297900
cf-polished: origFmt=png, origSize=895
content-disposition: inline; filename="logo-boingboing.webp"
alt-svc: h3=":443"; ma=86400
content-length: 548
x-clacks-overhead: GNU Terry Pratchett
cf-bgj: imgq:100,h2pri
last-modified: Fri, 18 Sep 2020 01:05:52 GMT
server: cloudflare
etag: "37f-5af8c1a2872f0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=2592000
x-server: ip-10-10-21-209.ca-central-1.compute.internal
accept-ranges: bytes
cf-ray: 83a750b99a9b36bb-YYZ
expires: Fri, 19 Jan 2024 21:16:15 GMT

GET
H2 200 boingboing-boing-boing-home-page.js Show response
widget.sellwild.com/boingboing/ 96 KB
34 KB 94ms
29ms Script
application/javascript 18.238.80.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sellwild.com/boingboing/boingboing-boing-boing-home-page.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-64.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 303eb0eb7f7b3b90209a5f1e4fe0a4a61718b7e1ab831cf7b8981c1385ca35a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:14:16 GMT
content-encoding: gzip
via: 1.1 0b4bd786c6b93c5bc7d37331a04a3fdc.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 18:42:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 132420
etag: W/"3c4b426c5a795e1f4830dac644de1957"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1209600,public
x-amz-cf-id: F7_67k108eICw8XI6UtQQzixFprvEzEeGfe2lmGQmtcqcMpL9iUqQg==

GET
H2 200 image-cdn.js Show response
boingboing.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
487 B 90ms
43ms Script
application/javascript 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boingboing.net/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 390865
alt-svc: h3=":443"; ma=86400
x-clacks-overhead: GNU Terry Pratchett
last-modified: Mon, 18 Dec 2023 21:28:30 GMT
server: cloudflare
etag: W/"2bd-60ccf6e674468-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=2592000
x-server: ip-10-10-21-209.ca-central-1.compute.internal
cf-ray: 83a750b87da1a1d8-YYZ
expires: Wed, 20 Dec 2023 19:26:50 GMT

GET
H2 200 advanced-ads-pro.min.js Show response
boingboing.net/wp-content/plugins/advanced-ads-pro/assets/js/ 8 KB
3 KB 47ms
45ms Script
application/javascript 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boingboing.net/wp-content/plugins/advanced-ads-pro/assets/js/advanced-ads-pro.min.js?ver=2.25.2

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f789c41c9d0fc305900de5cdbc11c5a48a8285ac618ff0ab61a62e8fa596f1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 390865
alt-svc: h3=":443"; ma=86400
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 14 Dec 2023 05:26:51 GMT
server: cloudflare
etag: W/"1ec6-60c7187e64d98-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=2592000
x-server: ip-10-10-21-215.ca-central-1.compute.internal
cf-ray: 83a750b8cdd2a1d8-YYZ
expires: Wed, 20 Dec 2023 19:26:50 GMT

GET
H2 200 e-202351.js Show response
stats.wp.com/ 7 KB
3 KB 76ms
24ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202351.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT jfk
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464982353.1523
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 16 Dec 2024 16:24:54 GMT

GET
H2 200 scripts.min.js Show response
boingboing.net/wp-content/themes/boing/assets/scripts/ 559 B
393 B 43ms
43ms Script
application/javascript 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boingboing.net/wp-content/themes/boing/assets/scripts/scripts.min.js?ver=6.4.2

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2ab54ecd2cad042015098b4204c91744d04a669bf2278b6fcfe21f6425f98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 390865
alt-svc: h3=":443"; ma=86400
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 28 Jun 2023 02:26:39 GMT
server: cloudflare
etag: W/"22f-5ff2750442948-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=2592000
x-server: ip-10-10-21-209.ca-central-1.compute.internal
cf-ray: 83a750b8edf2a1d8-YYZ
expires: Wed, 20 Dec 2023 19:26:50 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 124ms
59ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://nasledard.shokodeal.ru/
Origin: https://nasledard.shokodeal.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83a750ba0f8236bf-YYZ

GET
BLOB 200
OK dc0e41d8-f20f-4a25-8d80-7695c8494f35
https://nasledard.shokodeal.ru/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nasledard.shokodeal.ru/dc0e41d8-f20f-4a25-8d80-7695c8494f35
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 98ms
41ms Stylesheet
text/css 142.251.32.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700|Raleway:400,600,700,800&display=fallback

Requested by

Host: boingboing.net
URL: https://boingboing.net/wp-content/themes/boing/assets/styles/style.min.css?ver=1703013827

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

890386ae8b81ef7704537cd1b68b540e3ff0f5ffdaf09be7e65f97b66ef53d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://boingboing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 08:01:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Dec 2023 08:01:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
68 KB 65ms
63ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNJ24Q2

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Google Tag Manager /

Resource Hash

ef26fec1e6e23fa2527cff2cab1035f5840ae0514d5c3c9a10496998cac55dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69227
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Dec 2023 08:01:15 GMT

GET
H/1.1 200
OK skin.js Show response
player.aniview.com/script/custom/unruly/outstream/ 58 KB
14 KB 130ms
32ms Script
application/javascript 23.40.179.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=1021419
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.74 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-74.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 250e2915fe1cc935369030d50d2ed1ffae880c8c984f8f8557c5f1600a7bfa68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 08:01:15 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABPtcPr8eJKtGNUMLbXhiPfC7c7oKqb5Ki7lsAI6P2uuJRfMQ7EZrT0vGQpbUSLUEplqgRxdl4dln87PD3037dBK3kcD0wC0Kdc2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 13166
Last-Modified: Fri, 03 Feb 2023 12:20:02 GMT
Server: UploadServer
ETag: "bf7c4b787feae0241663d6bdd96d320c"
Vary: Accept-Encoding
x-goog-generation: 1675426801992604
Content-Type: application/javascript
Content-Language: en
x-goog-hash: crc32c=kXKgiA==, md5=v3xLeH/q4CQWY9a92W0yDA==
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, no-transform, max-age=900
x-goog-stored-content-length: 13166
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Expires: Sun, 24 Dec 2023 08:16:15 GMT

GET
H2 202 pixels
aniview-diag-server.1rx.io/ 0
94 B 125ms
35ms Image
text/plain 69.194.241.38
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aniview-diag-server.1rx.io/pixels?adslotid=18c9ad7aff2406b2c6fa829&siteid=1021419&iframe=false&siteenv=html&page=https%3A%2F%2Fnasledard.shokodeal.ru%2F&clientver=1.0.0&pageloadid=18c9ad7aff2233e951b0c0c&cb=1703404875762&event=tag_load&message=Ani%20View%20Wrapper%20load%20on%20the%20page&event_time=2023-12-24%2008%3A01%3A15

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.194.241.38 , United States, ASN26120 (RHYTHMONE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
strict-transport-security: max-age=15768000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 93ms
30ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 24 Dec 2023 08:01:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: tU44YWpB4xVEnWweQkS0KAY/yI1w8i0mycwHtd0XZO4QHToLghCvWbiX6YsK4U9ZM0JKs0Ueo8pz4njEkReMWw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
48 KB 86ms
25ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700|Raleway:400,600,700,800&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nasledard.shokodeal.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 00:36:49 GMT
x-content-type-options: nosniff
age: 372266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 00:36:49 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 27 KB
27 KB 104ms
50ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700|Raleway:400,600,700,800&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nasledard.shokodeal.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:51:55 GMT
x-content-type-options: nosniff
age: 382160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 21:51:55 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 104ms
58ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700|Raleway:400,600,700,800&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nasledard.shokodeal.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:01 GMT
x-content-type-options: nosniff
age: 399734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 16:59:01 GMT

GET
H2 200 shutterstock_1771451024.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2022/02/ 4 KB
5 KB 83ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2022/02/shutterstock_1771451024.jpg?resize=300%2C175&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

78275009aa91da11226f6f8d99e861e375ac921d927f1aa40c10547bf8950ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4270
x-nc: HIT jfk 3
last-modified: Fri, 22 Dec 2023 18:00:41 GMT
server: nginx
etag: "d4aec0746c9f77b1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2022/02/shutterstock_1771451024.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 06:00:41 GMT

GET
H2 200 Bridget-Ziegler-122223_3-1024x573-1.webp
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 5 KB
5 KB 91ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/Bridget-Ziegler-122223_3-1024x573-1.webp?resize=300%2C175&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e3bdfb840b0582c8c0d2ca82e1ea05a540d8c2ef3a64a601f8cdbc11fa2114

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4704
x-nc: HIT jfk 1
last-modified: Sat, 23 Dec 2023 18:04:09 GMT
server: nginx
etag: "f25fddbd6117c650"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/Bridget-Ziegler-122223_3-1024x573-1.webp>; rel="canonical"
expires: Tue, 23 Dec 2025 06:04:09 GMT

GET
H2 200 201106155802-05-virgin-hyperloop-exlarge-169.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2020/11/ 8 KB
8 KB 99ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2020/11/201106155802-05-virgin-hyperloop-exlarge-169.jpg?resize=300%2C175&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

160ce118bc72caa7e3c749dd26265b1c9caecfb37ed97167e55b267a66635b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7994
x-nc: HIT jfk 1
last-modified: Fri, 22 Dec 2023 17:36:41 GMT
server: nginx
etag: "583c12f50eb84331"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2020/11/201106155802-05-virgin-hyperloop-exlarge-169.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 05:36:41 GMT

GET
H2 200 sale_312032_2023CompletePythonCertificationBootCampBundle_article_image.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 6 KB
6 KB 93ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/sale_312032_2023CompletePythonCertificationBootCampBundle_article_image.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a9f71e612027ba59bf5e5c8d0f8c154481a922593755887fbc33863aa6381be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5634
x-nc: HIT jfk 3
last-modified: Sun, 24 Dec 2023 01:00:16 GMT
server: nginx
etag: "47acd3cf5cdb3e8b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/sale_312032_2023CompletePythonCertificationBootCampBundle_article_image.jpg>; rel="canonical"
expires: Tue, 23 Dec 2025 13:00:16 GMT

GET
H2 200 sale_323688_article_image.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 2 KB
2 KB 69ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/sale_323688_article_image.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a0baba16a7df3b1ab6ffb99350d06d6a820cce06136d2b1bda95bb0eefd2dfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1642
x-nc: HIT jfk 1
last-modified: Sat, 23 Dec 2023 22:15:37 GMT
server: nginx
etag: "4c0c5faab7ed0c02"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/sale_323688_article_image.jpg>; rel="canonical"
expires: Tue, 23 Dec 2025 10:15:37 GMT

GET
H2 200 shutterstock_1184617738-scaled.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/11/ 4 KB
4 KB 83ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/11/shutterstock_1184617738-scaled.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

492f1442ddf90f0a62527d440f290a8f5dc5bb2beb6d6cc398a2608cac419549

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3588
x-nc: HIT jfk 1
last-modified: Mon, 18 Dec 2023 18:10:37 GMT
server: nginx
etag: "2f1be30b6c8a14d6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/11/shutterstock_1184617738-scaled.jpg>; rel="canonical"
expires: Thu, 18 Dec 2025 06:10:37 GMT

GET
H2 200 image-108.png
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 44 KB
44 KB 41ms
38ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/image-108.png?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f31022326ac0b6fc3f16980a7fb1999f7113bb1afc3987ff3371f4496ff7c7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 44936
x-nc: HIT jfk 3
last-modified: Sat, 23 Dec 2023 17:22:44 GMT
server: nginx
etag: "372467f29d024ecf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/image-108.png>; rel="canonical"
expires: Tue, 23 Dec 2025 05:22:44 GMT

GET
H2 200 306442_DollarFlightClubPremiumPlusLifetimeSubscription-7.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 7 KB
8 KB 50ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/306442_DollarFlightClubPremiumPlusLifetimeSubscription-7.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f1a1abe22e92ee46ab3ebc8048586adca741cf85937ccc05ab322d89aed07cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7646
x-nc: HIT jfk 3
last-modified: Sat, 23 Dec 2023 16:15:51 GMT
server: nginx
etag: "2566f50010cbd9d5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/306442_DollarFlightClubPremiumPlusLifetimeSubscription-7.jpg>; rel="canonical"
expires: Tue, 23 Dec 2025 04:15:51 GMT

GET
H2 200 Bridget-Ziegler-122223_3-1024x573-1.webp
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 3 KB
3 KB 55ms
52ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/Bridget-Ziegler-122223_3-1024x573-1.webp?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4ef5f5b8afa2047a08b1d2496a65b38ab8b4020246938571e854d7e50eedac0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2974
x-nc: HIT jfk 1
last-modified: Sat, 23 Dec 2023 15:08:07 GMT
server: nginx
etag: "67372aa0909e7882"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/Bridget-Ziegler-122223_3-1024x573-1.webp>; rel="canonical"
expires: Tue, 23 Dec 2025 03:08:07 GMT

GET
H2 200 220903230405-08-book-bans-school-changes-reaj-scaled.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 4 KB
5 KB 56ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/220903230405-08-book-bans-school-changes-reaj-scaled.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d2b6414e1e65911ee8edab4df4ce168e6de0e56384522de4f81dfbcbc6ad54b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4308
x-nc: HIT jfk 3
last-modified: Sat, 23 Dec 2023 14:25:34 GMT
server: nginx
etag: "05a33e7847e81723"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/220903230405-08-book-bans-school-changes-reaj-scaled.jpg>; rel="canonical"
expires: Tue, 23 Dec 2025 02:25:34 GMT

GET
H2 200 Screenshot-2023-12-22-at-3.59.03-PM.png
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 40 KB
41 KB 60ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/Screenshot-2023-12-22-at-3.59.03-PM.png?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

009e991ff22a0295dd85f23275124cfe91ee347a0b8b608796530e2acd43ad8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 41116
x-nc: HIT jfk 2
last-modified: Sat, 23 Dec 2023 14:03:35 GMT
server: nginx
etag: "ce8d0219e77f848a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/Screenshot-2023-12-22-at-3.59.03-PM.png>; rel="canonical"
expires: Tue, 23 Dec 2025 02:03:35 GMT

GET
H2 200 Screenshot-2023-12-22-at-2.47.59-PM.png
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 36 KB
36 KB 56ms
54ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/Screenshot-2023-12-22-at-2.47.59-PM.png?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

83508705690bebedce692e9ed468506cd89c1553af088ea141d7a793419b56df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 36612
x-nc: HIT jfk 3
last-modified: Sat, 23 Dec 2023 13:53:03 GMT
server: nginx
etag: "60c57e9270a62f10"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/Screenshot-2023-12-22-at-2.47.59-PM.png>; rel="canonical"
expires: Tue, 23 Dec 2025 01:53:03 GMT

GET
H2 200 sale_321113_MicrosoftWindows11Pro_article_image-7.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 5 KB
5 KB 60ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/sale_321113_MicrosoftWindows11Pro_article_image-7.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

62fa9b033ff200f0f36b75485ccbf11014d4d0166933ab1fac8290d8265e69b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4744
x-nc: HIT jfk 2
last-modified: Sat, 23 Dec 2023 01:16:14 GMT
server: nginx
etag: "307c2f44309fb3cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/sale_321113_MicrosoftWindows11Pro_article_image-7.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 13:16:14 GMT

GET
H2 200 china-outrage-over-doctor-punching-patient-during-surgery-v0-qxpymerFtxmPZgWUbqovJ2oOYEqTAFPWCv0IiMjeeNA.webp
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 6 KB
7 KB 61ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/china-outrage-over-doctor-punching-patient-during-surgery-v0-qxpymerFtxmPZgWUbqovJ2oOYEqTAFPWCv0IiMjeeNA.webp?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

754f0be8302eecb358accc74b61f15a2cdf82293a82dd372d96a838f52074832

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6568
x-nc: HIT jfk 2
last-modified: Fri, 22 Dec 2023 21:24:04 GMT
server: nginx
etag: "09be065e17f254ff"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/china-outrage-over-doctor-punching-patient-during-surgery-v0-qxpymerFtxmPZgWUbqovJ2oOYEqTAFPWCv0IiMjeeNA.webp>; rel="canonical"
expires: Mon, 22 Dec 2025 09:24:04 GMT

GET
H2 200 image-107.png
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 31 KB
31 KB 61ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/image-107.png?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

54a4ae9a5486d4ae45c7b04e63465684d536e3e6553166af45193c9aac468d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 31572
x-nc: HIT jfk 3
last-modified: Fri, 22 Dec 2023 20:55:06 GMT
server: nginx
etag: "37d1ae66d1ee515d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/image-107.png>; rel="canonical"
expires: Mon, 22 Dec 2025 08:55:06 GMT

GET
H2 200 Sad_clown.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 5 KB
6 KB 61ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/Sad_clown.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e1b52c7fb6430d60a286bb1b55e2cdceb930eedc8b29ab259aecfd9168050ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5482
x-nc: HIT jfk 1
last-modified: Fri, 22 Dec 2023 20:40:04 GMT
server: nginx
etag: "8201ffa6b44eb6cd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/Sad_clown.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 08:40:04 GMT

GET
H2 200 shutterstock_1101418244-scaled.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 7 KB
8 KB 61ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/shutterstock_1101418244-scaled.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e38d4498fbe6aa564be267f7829489ddfff1d6d425f8882cc70f90d5574ffca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7310
x-nc: HIT jfk 2
last-modified: Fri, 22 Dec 2023 19:24:17 GMT
server: nginx
etag: "2fdf141f95806a62"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/shutterstock_1101418244-scaled.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 07:24:17 GMT

GET
H2 200 shutterstock_1813883672-scaled.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 7 KB
7 KB 61ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/shutterstock_1813883672-scaled.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

32acc40d2b27fd88dcb95256217a2a4871a5407c82e58033c89aadd9ea1d6417

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7010
x-nc: HIT jfk 4
last-modified: Fri, 22 Dec 2023 18:31:59 GMT
server: nginx
etag: "2f483508433a33d4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/shutterstock_1813883672-scaled.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 06:31:59 GMT

GET
H2 200 shutterstock_1771451024.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2022/02/ 3 KB
3 KB 62ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2022/02/shutterstock_1771451024.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

730b20a2c4dc1e0a26b668ce68d69b92b15138c3c494585f3f939a65462e9acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3096
x-nc: HIT jfk 3
last-modified: Fri, 22 Dec 2023 17:30:54 GMT
server: nginx
etag: "514d1ee38f7a024f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2022/02/shutterstock_1771451024.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 05:30:54 GMT

GET
H2 200 OutdoorWorlddddd.jpg
i0.wp.com/boingboing.net/wp-content/uploads/2023/12/ 6 KB
7 KB 62ms
60ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/boingboing.net/wp-content/uploads/2023/12/OutdoorWorlddddd.jpg?resize=200%2C135&ssl=1

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d07c2ab1d34563b4bd3353767365a83e8d376afad5103debd2fc0c5b210ab16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:15 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6530
x-nc: HIT jfk 4
last-modified: Fri, 22 Dec 2023 17:59:53 GMT
server: nginx
etag: "50dc904db6adcf20"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://boingboing.net/wp-content/uploads/2023/12/OutdoorWorlddddd.jpg>; rel="canonical"
expires: Mon, 22 Dec 2025 05:59:53 GMT

GET
H2 200 359 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 1537ms
180ms Script
application/javascript 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ref=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 269027ddf9abe6833d19f2ca5d34cab9cd471f0c74fb8766a91cfeb3493b49a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 24 Dec 2023 08:01:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 83a750c269eb3a08-YYZ

GET
H/1.1 401
Unauthorized zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ 0
0 560ms
95ms Script
text/html 143.198.98.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=560&friendly=friendly_55906680&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=55906680&encode=1&origin=https%3A%2F%2Fnasledard.shokodeal.ru%2F&referrer=https://nasledard.shokodeal.ru/
Requested by: Host: widget.sellwild.com
URL: https://widget.sellwild.com/boingboing/boingboing-boing-boing-home-page.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.198.98.80 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: bidstream-sfc-01.advertserve.org
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 401
Unauthorized zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ 0
0 1318ms
96ms Script
text/html 143.198.98.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=560&friendly=friendly_34220476&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=34220476&encode=1&origin=https%3A%2F%2Fnasledard.shokodeal.ru%2F&referrer=https://nasledard.shokodeal.ru/
Requested by: Host: widget.sellwild.com
URL: https://widget.sellwild.com/boingboing/boingboing-boing-boing-home-page.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.198.98.80 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: bidstream-sfc-01.advertserve.org
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 401
Unauthorized zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ 0
0 3306ms
93ms Script
text/html 143.198.98.80
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=561&friendly=friendly_65234404&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=65234404&encode=1&origin=https%3A%2F%2Fnasledard.shokodeal.ru%2F&referrer=https://nasledard.shokodeal.ru/
Requested by: Host: widget.sellwild.com
URL: https://widget.sellwild.com/boingboing/boingboing-boing-boing-home-page.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.198.98.80 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: bidstream-sfc-01.advertserve.org
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 listings-img-data-sm-fandom Show response
cache.sellwild.com/ 187 KB
142 KB 168ms
102ms Fetch
application/json 13.33.82.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.sellwild.com/listings-img-data-sm-fandom
Requested by: Host: widget.sellwild.com
URL: https://widget.sellwild.com/boingboing/boingboing-boing-boing-home-page.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.82.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-82-87.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac68fd3bda1a18567244b5e87d6d6472975952fbdbe5839592074b6e19b8965f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
content-encoding: gzip
via: 1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 144230
last-modified: Sun, 24 Dec 2023 07:49:42 GMT
server: AmazonS3
etag: "2bbcf8351300f1d8e0633289b309fdd9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: grU2VCPB90LwKOTkHW6W_BKXWq_hGRggIogpxlwMcESz6MHN48Lo_w==

GET
H2 200 configs
d.pub.network/v2/sites/boingboing-net/ 54 KB
7 KB 1389ms
48ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/boingboing-net/configs?env=PROD
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 9d56064ab6af621d026510dd1fb206fc7dd5b9e8a36a335632cdc3e544c2e83b

Request headers

Referer: https://nasledard.shokodeal.ru/
Origin: https://nasledard.shokodeal.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 3227ms
57ms Script
application/javascript 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 31 Dec 2023 08:01:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 88ms
26ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 06:33:25 GMT
content-encoding: gzip
via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 5271
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QtinDfaQlUgcFtZJl55WENorgCcN7XpBWZiKruCvExmk3kifdmOegQ==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 26ms
23ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=87954168&post=421667&tz=-8&srv=boingboing.net&j=1%3A12.9.1&host=nasledard.shokodeal.ru&ref=&fcp=854&rand=0.7414592731713274
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 08:01:15 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
boingboing.net/wp-includes/js/ 18 KB
5 KB 43ms
42ms Script
application/javascript 104.22.41.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://boingboing.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.41.69 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 390866
alt-svc: h3=":443"; ma=86400
x-clacks-overhead: GNU Terry Pratchett
last-modified: Sat, 01 Apr 2023 23:40:34 GMT
server: cloudflare
etag: W/"4904-5f84eda242260-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=2592000
x-server: ip-10-10-21-209.ca-central-1.compute.internal
cf-ray: 83a750bb3bc736bb-YYZ
expires: Wed, 20 Dec 2023 19:26:50 GMT

GET
H2 500 main.js
nasledard.shokodeal.ru/cdn-cgi/challenge-platform/scripts/jsd/ Frame C1A9 0
0 153ms
151ms Script
text/html 91.240.202.161
SERVINGA-UK

General

Check archive.org

Show headers Download Go to

Full URL: https://nasledard.shokodeal.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.240.202.161 Manchester, United Kingdom, ASN212228 (SERVINGA-UK, DE),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
server: nginx/1.24.0
content-length: 579
content-type: text/html

POST
H2 204 collect
analytics.google.com/g/ 0
259 B 111ms
38ms Ping
text/plain 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X0MTXTYEJ1&gtm=45je3bt0v870172482&_p=1703404875761&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=136449026.1703404876&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703404876&sct=1&seg=0&dl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&dt=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1121
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0MTXTYEJ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 109ms
37ms Ping
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X0MTXTYEJ1&cid=136449026.1703404876&gtm=45je3bt0v870172482&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X0MTXTYEJ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 51ms
50ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-790TYZG3KL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ24Q2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

822f983eb7bd6e714f4984d329d7f2709e6732489058be8bd0f48aa82df3cb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86127
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 08:01:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 218ms
24ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNJ24Q2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Dec 2023 07:51:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 567
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 24 Dec 2023 09:51:49 GMT

GET
H2 200 1174428159312267 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 104ms
102ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1174428159312267?v=2.9.138&r=stable&domain=nasledard.shokodeal.ru

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7e03c403f29c8d05210f0f5f716d46da1f65794d03a9ee78f8c0d24456dfff2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 24 Dec 2023 08:01:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: EHz8Vp2HQgpNKOwJokka9IiYnuxYQR6GokVnS4xdJW7ypiu2mU81gL8jFrCNh1PJD1oLtcRrRrQM9tJo7o2J3w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 skin-1021419.json Show response
video.unrulymedia.com/native/skins/ 530 B
809 B 165ms
164ms XHR
application/json 104.18.42.161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/skins/skin-1021419.json
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=1021419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.42.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b078277391a14575c00196a4bf23006ea032ec77c7c7d01cd1336cdc4f1fbe46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
x-amz-version-id: KjlnRn84PxntCG5mIoZF2TSpoD0tuCL3
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-request-id: P03ED27AEDTPJEWW
x-amz-server-side-encryption: AES256
x-amz-id-2: zs1IsKQxsHQEjneL1/fwpdTx4XkTLRYVmtnzXKOW1lEZ1kK4xZy6uxY0NGLHm+PwsZ8Uowzk0pLgrHFlAzStaA==
x-amz-expiration: expiry-date="Sat, 05 Oct 2030 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Fri, 06 Oct 2023 17:01:26 GMT
server: cloudflare
etag: W/"0ddd7b79e6ff8bed946f08e3af6c6d32"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: max-age=3600
cf-ray: 83a750bbdf653a04-YYZ

GET
H2 200 track
track1.aniview.com/ 0
142 B 372ms
33ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1703404876120&r=nasledard.shokodeal.ru&stagid=62af35d851923c62777207b4&stplid=&cd10=&e=c9&cd11=1-run
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
142 B 371ms
32ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1703404876120&r=nasledard.shokodeal.ru&stagid=62af35d851923c62777207b4&stplid=&cd10=1021419&e=c9&cd11=2-tag
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7518287&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404876123&ns_c=UTF-8&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20of...
https://sb.scorecardresearch.com/b2?c1=2&c2=7518287&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404876123&ns_c=UTF-8&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20o...

0
224 B

33ms
32ms

Image
text/plain

108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7518287&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404876123&ns_c=UTF-8&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&c9=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: cKA1DJ4TMtP16YwDRlz8OlL2-_C-DHZUQ0dpSNve_0aH6VU6-ku5VQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 24 Dec 2023 08:01:16 GMT
via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=7518287&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404876123&ns_c=UTF-8&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&c9=
content-length: 0
x-amz-cf-id: -YjddfmomZYpQ-jquHZMfFMbNQYWSXPsEL90MnKWgXIiS-lZuq0UAg==

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c66a353a41d0dbbba01771df9c85216b38de3eb60d119e044e27e4a0e456dd37

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d84084ddbac30cee4fd1bba6af7f02459bf865eb8774053219773b353a6c1747

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 647a9f19e8a84fef49fb1878530915e3a25d502f92544534f5f8b33ba795d533

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fccb94c019c702f19cfd2dbae0b9f528cdece1f0bc949d7520bc74933036a8f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H2 204 collect
www.google-analytics.com/g/ 0
176 B 95ms
39ms Ping
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-790TYZG3KL&gtm=45je3bt0v869984757z8865882412&_p=1703404875761&gcd=11l1l1l1l1&dma=0&cid=136449026.1703404876&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703404876&sct=1&seg=0&dl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&dt=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&en=page_view&_fv=1&_ss=1&tfd=1272
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-790TYZG3KL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 106ms
32ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1174428159312267&ev=PageView&dl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&rl=&if=false&ts=1703404876257&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703404876252.138092086&ler=empty&it=1703404876114&coo=false&rqm=GET

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 24 Dec 2023 08:01:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame D5E2 85 KB
30 KB 87ms
25ms Script
text/javascript 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=1021419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 15:02:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
107 B 39ms
37ms XHR
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1014653869&t=pageview&_s=1&dl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ul=en-us&de=UTF-8&dt=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2115548544&gjid=686213&cid=136449026.1703404876&tid=UA-228667204-1&_gid=102393580.1703404876&_r=1&_slc=1&gtm=45He3bt0n81NNJ24Q2v865882412&gcd=11l1l1l1l1&dma=0&z=1301750945

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0cbeffd45bc753dbff63d81e8897b384362d839208c15f63a8913340d646f8d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 38ms
37ms XHR
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-228667204-1&cid=136449026.1703404876&jid=2115548544&gjid=686213&_gid=102393580.1703404876&_u=YADAAEAAAAAAACAAI~&z=1932479514

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 24 Dec 2023 08:01:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 45ms
44ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DJCJEBJM&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Google Tag Manager /

Resource Hash

8dae39010aec4fc4dfb542b6f3436487197b3008a6279276084ac66dc771bed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Dec 2023 08:01:16 GMT

GET
H/1.1 200
OK spt Show response
tg1.unrulyvideo.com/api/adserver/ 23 KB
7 KB 233ms
30ms Script
text/javascript 23.200.88.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.unrulyvideo.com/api/adserver/spt?AV_TAGID=62af35d851923c62777207b4&AV_PUBLISHERID=603f65a2e291680ef30af9c7&AV_CDIM10=1021419
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/custom/unruly/outstream/skin.js?site_id=1021419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.18 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cbcfcee6d93e14b23a8f9c1be1ba0a587050f2ecfb992881d73e46d9c9d4385d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Sun, 24 Dec 2023 08:01:16 GMT
Connection: keep-alive
Content-Length: 6623
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Expires: Sun, 24 Dec 2023 08:06:16 GMT

GET
H2 200 track
track1.aniview.com/ 0
142 B 74ms
33ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1703404876418&r=nasledard.shokodeal.ru&stagid=62af35d851923c62777207b4&stplid=&cd10=1021419&e=c9&cd11=3-getSiteData
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
143 B 72ms
32ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=603f65a2e291680ef30af9c7&cid=6265145b67ce6a604d44ebf5&cb=1703404876418&r=nasledard.shokodeal.ru&stagid=62af35d851923c62777207b4&stplid=&cd10=1021419&e=c9&cd11=4-loadStudio
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 377ms
62ms Image
image/gif 142.250.176.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-228667204-1&cid=136449026.1703404876&jid=2115548544&_u=YADAAEAAAAAAACAAI~&z=1853264186

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 39ms
38ms Ping
text/plain 142.251.40.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-S3DJCJEBJM&gtm=45je3bt0v9134148836&_p=1703404875761&_gaz=1&gcd=11l1l1l1l2&dma=0&gdid=dZTNiMT&ul=en-us&sr=1600x1200&cid=136449026.1703404876&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&dt=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&sid=1703404876&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1580
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DJCJEBJM&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 39ms
39ms Ping
text/plain 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S3DJCJEBJM&cid=136449026.1703404876&gtm=45je3bt0v9134148836&aip=1&dma=0&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DJCJEBJM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
servt.unrulyvideo.com/ 0
143 B 156ms
41ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=632c5d4e92169f17d861cb48&cb=1703404876656&r=nasledard.shokodeal.ru&stagid=62af35d851923c62777207b4&stplid=62b08bd1ff25cd1ac30f2fb8&d35=&cd10=1021419&e=playerLoaded
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 /
optimise.net/ Frame 0
0 121ms
44ms Preflight 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=boingboing.net&t=desktop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-expose-headers: fs-client-rtt
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sun, 24 Dec 2023 08:01:17 GMT
expires: 0
fs-client-rtt: 10
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H3 200 / Show response
optimise.net/ 6 KB
6 KB 85ms
28ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=boingboing.net&t=desktop

Requested by

Host: a.pub.network
URL: https://a.pub.network/boingboing-net/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

2e15c4964ecdeeae79ebfb5400210729d5463525cfe78caa6e67288f1b618386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Sun, 24 Dec 2023 08:01:08 GMT
fs-client-rtt: 28
age: 9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5747
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-expose-headers: fs-client-rtt
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 27ms
26ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/boingboing-net/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 06:33:25 GMT
content-encoding: gzip
via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 5273
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: nEnwyzJG4xf4InB_YTWvvGuWxoQOB-z9Bjj3vInL5pNkPx-XTYejxw==

GET
H2 200 pubfig.engine.js Show response
a.pub.network/core/pubfig/5.28.0/ 363 KB
110 KB 39ms
39ms Script
application/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/boingboing-net/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19a8a58b06d1b033e1f59e0ffa9f9e67c01d9afc5aec78328fdb901da7877be2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163803
x-guploader-uploadid: ABPtcPrNkvSTNJ9Ci5-JLb_NuXf8BpJm3t8nu4Lft9gH0La7P-OOihT3-y6Kk1oNEK8vNXvMNgI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 19 Dec 2023 17:30:18 GMT
server: cloudflare
etag: W/"5b6a384c76af40c2840367f723143a49"
vary: Accept-Encoding
x-goog-hash: crc32c=MRC1sQ==, md5=W2o4THavQMKEA2f3IxQ6SQ==
x-goog-generation: 1703007018974873
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 371790
cf-ray: 83a750c2ac77543d-YYZ
expires: Sun, 24 Dec 2023 09:01:17 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
318 B 33ms
32ms Image
text/plain 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703404877247&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fnasledard.shokodeal.ru%2F&c8=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&c9=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
via: 1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: P4E_zePRIKv2-48afJlIwikzGSJseRLkGXcsoYNiVYoKqplmxjOwaw==
x-cache: Miss from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 412ms
75ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4e04c629cc620af00915adb8846b248d648af291c33a51a6c7a733745ac1610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29088
x-xss-protection: 0
server: cafe
etag: 739 / 19715 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 08:01:17 GMT

GET
H2 200 prebid-analytics-8.27.0.js Show response
a.pub.network/core/ 687 KB
219 KB 42ms
42ms Script
text/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32f5acbeaf7ccddc8ce13c49068b369302a2911e785fccba112eacb95524d90c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 77401
x-guploader-uploadid: ABPtcPrUTdm99vXRvJX0YyeS7E459bFGccP_6vl01HeSHOxsxrTUdpOIAVnwCeOnDjf5QuxH8ys
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 14 Dec 2023 17:02:40 GMT
server: cloudflare
etag: W/"7e0c4234982f9ce38492007cc357beca"
vary: Accept-Encoding
x-goog-hash: crc32c=meKL5Q==, md5=fgxCNJgvnOOEkgB8w1e+yg==
x-goog-generation: 1702573360105265
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 703135
cf-ray: 83a750c35cec543d-YYZ
expires: Mon, 25 Dec 2023 08:01:17 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 78ms
24ms Script
application/javascript 172.67.36.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=359&sync=1&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 6328
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 83a750c3d8334bc9-BUF
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 359 Show response
p.ad.gt/api/v1/p/ 47 KB
15 KB 3220ms
56ms Script
application/javascript 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/359
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39dcc3e5571fd13f5d44e2148a127945040c8bb6f2cfb53e1c0ada494500314e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 24 Dec 2023 08:01:09 GMT
server: cloudflare
age: 11
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83a750d77c9136ff-YYZ

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&adnxs_id=1067000970582424152&gdpr=0

43 B
118 B

111ms
110ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&adnxs_id=1067000970582424152&gdpr=0
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750e06c8b39e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
an-x-request-uuid: af2d4525-a0b8-4972-bfa8-b79ed55e8680
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&adnxs_id=1067000970582424152&gdpr=0
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703404877-OVQDG63P-6OWX&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001703404877-OVQDG63P-6OWX&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=06520073-fb72-4ed5-983e-803febf0635f&id=AU1D-0100-001703404877-OVQDG63P-6OWX

43 B
95 B

132ms
119ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=06520073-fb72-4ed5-983e-803febf0635f&id=AU1D-0100-001703404877-OVQDG63P-6OWX
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750c69e3139e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=06520073-fb72-4ed5-983e-803febf0635f&id=AU1D-0100-001703404877-OVQDG63P-6OWX
date: Sun, 24 Dec 2023 08:01:17 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX
https://ids.ad.gt/api/v1/pbm_match?pbm=89650751-3BF3-4D23-9052-3F05C2D55689&id=AU1D-0100-001703404877-OVQDG63P-6OWX

43 B
118 B

119ms
118ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=89650751-3BF3-4D23-9052-3F05C2D55689&id=AU1D-0100-001703404877-OVQDG63P-6OWX
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750f06dec39e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=89650751-3BF3-4D23-9052-3F05C2D55689&id=AU1D-0100-001703404877-OVQDG63P-6OWX
date: Sun, 24 Dec 2023 08:01:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
696 B 8243ms
32ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001703404877-OVQDG63P-6OWX&gdpr=0
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001703404877-OVQDG63P-6OWX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703404877...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001703404877-OVQDG63P-6OWX&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001703...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=06520073-fb72-4ed5-983e-803febf0635f&ttd_puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&tapad_id=5242fdf3-107d-47a2-b8fa-e97d01d08b23

43 B
118 B

112ms
111ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&tapad_id=5242fdf3-107d-47a2-b8fa-e97d01d08b23
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750cd7c9c39e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 24 Dec 2023 08:01:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&tapad_id=5242fdf3-107d-47a2-b8fa-e97d01d08b23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001703404877-OVQDG63P-6OWX
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001703404877-OVQDG63P-6OWX&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&google_gid=CAESEKhcpaHdfzA6U9Njvx1vWoI&google_cver=1&google_ula=450542624,0

43 B
113 B

124ms
117ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&google_gid=CAESEKhcpaHdfzA6U9Njvx1vWoI&google_cver=1&google_ula=450542624,0
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750c69e3239e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&google_gid=CAESEKhcpaHdfzA6U9Njvx1vWoI&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001703404877-OVQDG63P-6OWX
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNDg3Ny1PVlFERzYzUC02T1dY

170 B
188 B

42ms
41ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNDg3Ny1PVlFERzYzUC02T1dY

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwMzQwNDg3Ny1PVlFERzYzUC02T1dY
date: Sun, 24 Dec 2023 08:01:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750c69e3039e9-YYZ
content-type: text/html; charset=utf-8

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX
https://ids.ad.gt/api/v1/amo_match?turn_id=3721385948713308019&id=AU1D-0100-001703404877-OVQDG63P-6OWX

43 B
118 B

106ms
104ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=3721385948713308019&id=AU1D-0100-001703404877-OVQDG63P-6OWX
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750c89fc539e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=3721385948713308019&id=AU1D-0100-001703404877-OVQDG63P-6OWX
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001703404877-OVQDG63P-6OWX%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=9b0c319b-a4d1-4c37-b066-69c9471a2c05&id=AU1D-0100-001703404877-OVQDG63P-6OWX&auid=AU1D-0100-001703404877-OVQDG63P-6OWX

43 B
170 B

181ms
120ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=9b0c319b-a4d1-4c37-b066-69c9471a2c05&id=AU1D-0100-001703404877-OVQDG63P-6OWX&auid=AU1D-0100-001703404877-OVQDG63P-6OWX
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:33 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a75129b9c236c5-YYZ
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 24 Dec 2023 08:01:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ids.ad.gt/api/v1/openx?openx_id=9b0c319b-a4d1-4c37-b066-69c9471a2c05&id=AU1D-0100-001703404877-OVQDG63P-6OWX&auid=AU1D-0100-001703404877-OVQDG63P-6OWX
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001703404877-OVQDG63P-6OWX
https://ids.ad.gt/api/v1/ppnt_match?uid=Ebtx9v6avFz1&ev=1&pid=562316&id=AU1D-0100-001703404877-OVQDG63P-6OWX

43 B
95 B

108ms
107ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=Ebtx9v6avFz1&ev=1&pid=562316&id=AU1D-0100-001703404877-OVQDG63P-6OWX
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750ce8d5639e9-YYZ
content-length: 43
content-type: image/gif

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=Ebtx9v6avFz1&ev=1&pid=562316&id=AU1D-0100-001703404877-OVQDG63P-6OWX
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-db744d8c7-qphmw
expires: -1

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/8TlPs9_ElE3wQ2Gw5lJXkicRVtw/gpt_and_prebid/ 96 KB
22 KB 420ms
38ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/8TlPs9_ElE3wQ2Gw5lJXkicRVtw/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca77a13bf356c9a305f7030b969e3b32b828937cb213f8bb9a08c26548455968

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 13:24:38 GMT
server: cloudflare
x-amz-request-id: GJQHG50ZP9FTRX8C
age: 776
etag: W/"dfe065824893d7f95659180a0a8d200b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 83a750cba8ce5419-YYZ
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6MN1ICtShUGOEcNIf8DuZ6xo/67tWpY4+FAm5h6ORHR7kxQ1s31G7nKlhnWB3XtpOlgG6qfx50Q=

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

414 KB
96 KB

7292ms
50ms

Script
application/javascript

172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dde7b947a88f2708565bf99cc45b0a4c4fd94f41d8f1d7c8dcc4d47ae1d49f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:26 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 24 Dec 2023 07:44:32 GMT
server: cloudflare
age: 894
etag: "a31978bc34a1d97a1a5aef39ad7c175e"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 83a750fbdb6536ce-YYZ
content-length: 97699

Redirect headers

date: Sun, 24 Dec 2023 08:01:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeyidpc%2B0rpPdpjLJeL68XFHPCseGdAak%2FKy70vOgc5ailV6JJIpJE99QdyGDAIHQl0LOLKRJ4DV%2B8aMHMGj0hOTWKS4hn7RctUw0SI1LA86hA8cOeY5QKHuOqSRFLauj17zZay29TSNGlHeNJqRIg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 83a750cdfb6d4bc7-BUF
expires: Sun, 24 Dec 2023 09:01:19 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 108 B
297 B 35ms
34ms XHR
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=359&sync=1&domain=nasledard.shokodeal.ru&url=https://nasledard.shokodeal.ru/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?partner_id=359&sync=1&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d2ec1aa405da7068c3f24d33885a6957e91d5796ec0cd7f0d3e40cdfabe744

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 83a750c4dd7a4bc3-BUF

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 99ms
35ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=359&sync=1&domain=nasledard.shokodeal.ru&url=https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83a750c4ad714bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:17 GMT
debug: OPTIONS block
expires: Mon, 23 Dec 2024 08:01:17 GMT
server: cloudflare

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
95 B 107ms
107ms Image
image/gif 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001703404877-OVQDG63P-6OWX&halo_id=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750cbfb6439e9-YYZ
content-length: 43
content-type: image/gif

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 25ms
24ms Script
text/javascript 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:56:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Dec 2024 07:56:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
79 B 101ms
48ms XHR
application/json 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nasledard.shokodeal.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95fb54d34a080832d20a2a5de4c270995f6f9ae80ec2681e90f2d9b5b262b83f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Sun, 24 Dec 2023 08:01:17 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
9 KB 26ms
26ms Script
application/javascript 172.67.36.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 6328
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 83a750c6d9c94bc9-BUF
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 IIQUniversalID.js Show response
a.pub.network/core/intentIQ/20230622/ 55 KB
13 KB 40ms
40ms Script
text/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163801
x-guploader-uploadid: ABPtcPqlQ9LLOxD_dfzEsGeUtT9bncMhzfMUre8Ufl-gPrfORxPe1zy27dsMm0eliI3QTAhvNMxTbQZS7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 22 Jun 2023 23:15:14 GMT
server: cloudflare
etag: W/"c45a15a8a50c2a275e14695cf631d08d"
vary: Accept-Encoding
x-goog-hash: crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation: 1687475714790007
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 56442
cf-ray: 83a750c6df3f543d-YYZ
expires: Sun, 24 Dec 2023 09:01:17 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 388ms
31ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:03:40 GMT
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront), 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 3459
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: _bbndcYhyzoxKTGhJwbx_O6E4SSKWt6vDWe3FQD2uMzzpIqrU5bviw==

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 91 B
911 B 116ms
53ms XHR
text/html 13.226.34.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=695_1703404877944&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=nasledard.shokodeal.ru&japbjs=true&japs=false
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-99.ewr53.r.cloudfront.net
Software: /
Resource Hash: fd65c396a579db2b79c5e5df1f3bf3f8c37d57e02535f527f188f4747087a462

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
via: 1.1 1f4c9bd672bb89060a69b305de06ad0e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
access-control-max-age: 3600
vary: Origin
content-type: text/html
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-methods: POST, GET
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: 0S6v9Y0UGwYH3_D5re7Z3CmKJCeHk-mHwy87Lc2uDQRDpUrLxJxTZA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=168345&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&tsr...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=168345&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&ts...

43 B
937 B

98ms
73ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=168345&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&tsrnd=460_1703404877946&vrref=nasledard.shokodeal.ru&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=ajT7DykrFe&nc=false&trid=2031240876
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:19 GMT
via: 1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: msPNwIK4qbtjWNmFy7lfOP_b6RELCBJ9ZuLMv2BIP3mH-HEEidv0DQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:19 GMT
via: 1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=168345&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&tsrnd=460_1703404877946&vrref=nasledard.shokodeal.ru&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=ajT7DykrFe&nc=false&trid=2031240876
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: n54X59MwASf4D0sNIMsxepFsJA5hBg6vq_eqXE-WZAtS53i2upQcAg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 42ms
41ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750c84e994bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:18 GMT
debug: rtd-nx-ny
server: cloudflare

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 36ms
36ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750c85eb54bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:18 GMT
debug: rtd-nx-ny
server: cloudflare

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 35ms
35ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750c86ec24bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:18 GMT
debug: rtd-nx-ny
server: cloudflare

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 109ms
31ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&domain=nasledard.shokodeal.ru&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Dec 2023 08:01:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 240711
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 47 KB
18 KB 1131ms
44ms Script
text/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: a12d543c2e94db7f7ac727f018193a53df28cb7818cacb921d6d49b8c822fb6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK52-P5
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZmVMuJO7tPWmEn9swqPzURrkNtXZmEpBeHOl_b7p7T727TFy_ggCGw==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 47ms
46ms Script
application/javascript 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 31 Dec 2023 08:01:19 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
85 B 36ms
35ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750c89eda4bc3-BUF

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 45ms
45ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750c89edb4bc3-BUF

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 44ms
43ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750c89edc4bc3-BUF

GET
H2 200 json Show response
gum.criteo.com/sid/ 352 B
1021 B 347ms
32ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&domain=nasledard.shokodeal.ru&cw=1&lsw=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1cf29f37c87f0bac8850b128ed5ae93162fc5a27242c0ce0ebbccb814c722b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1244793
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
674 B 47ms
46ms Fetch
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8ce0dbff9666916e7afa9b1bf404aa531c046b507eb59f95aab2ada3aee546d4

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 23 Jan 2024 08:01:18 GMT

GET
H2 200 fslogo-green.svg
a.pub.network/core/imgs/ 1 KB
1 KB 51ms
48ms Image
image/svg+xml 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.pub.network/core/imgs/fslogo-green.svg
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1758
x-guploader-uploadid: ABPtcPpFyHhe7LOrf4kdKQdjdx_VDFSlFwuOgmQXhXsQPeN83Ac7QnNCOv6vr8vTvyjZ_XuGiWWDuW3Pcg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 08 Sep 2020 17:04:37 GMT
server: cloudflare
etag: W/"326d6cbd977657e1205bd616d1f2faca"
vary: Accept-Encoding
x-goog-hash: crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation: 1599584677716817
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 1193
cf-ray: 83a750c89866543d-YYZ
expires: Sun, 24 Dec 2023 09:01:18 GMT

POST
H2 200 cookie_sync Show response
s2s.t13.io/ 2 KB
836 B 1358ms
45ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/cookie_sync
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 4089419cd138bdc7d0b5744c2e7f8d246d5b8eee0b9df122f50b871d4ea0146e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
expires: 0

POST auction
s2s.t13.io/openrtb2/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
201 B 115ms
31ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=8557254789&lsavail=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:18 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET imp
g2.gumgum.com/hbid/ 0
0

POST /
colossusssp.com/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H2 200 analytics.min.js Show response
a.pub.network/core/analytics/1.2.5/ 13 KB
5 KB 37ms
37ms Script
application/javascript 104.18.21.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.21.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150abf5d65851c215b785dc90f363002897279f75a0f466caa6c92534a20a2d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 163804
x-guploader-uploadid: ABPtcPqHJ1C5JnslZsgprxv6f54CXcITs8j9I2NqOjQpqEmAwGcaEcO62Dv_UkuLEu8kSAxCpFI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 04 Oct 2023 16:03:51 GMT
server: cloudflare
etag: W/"defe674f4bb712938099078798b0a1bc"
vary: Accept-Encoding
x-goog-hash: crc32c=JGNbPw==, md5=3v5nT0u3EpOAmQeHmLChvA==
x-goog-generation: 1696435431727744
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 13192
cf-ray: 83a750c99959543d-YYZ
expires: Sun, 24 Dec 2023 09:01:18 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202311070952/ 264 KB
84 KB 288ms
287ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202311070952/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/8TlPs9_ElE3wQ2Gw5lJXkicRVtw/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a01182e6fdcb9d6404cec91d484d2d88f1b61bea42c2556bbf530a9fdf5fa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 14:58:58 GMT
server: cloudflare
x-amz-request-id: Y3QJJMHYKF3AK95G
age: 2161641
etag: W/"a420a6b303c09adc585ff7b7dfabbd31"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 83a750cd89ee5419-YYZ
alt-svc: h3=":443"; ma=86400
x-amz-id-2: i+/csC3UED5bRuXHaItjqYJqKY6dU+q7tE3HnjhTc7N9MB8xu401wa1iaNesWJDDqkJC/DljoCk=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 713 B
393 B 80ms
79ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf2dd052844f461ae52bd59de2456cc532fb97cc934ebd71198aec262578020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7f43b403927f3c6822c21c6dc4e2a28f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E43A 6 KB
3 KB 1171ms
46ms Document
text/html 142.251.41.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f43b403927f3c6822c21c6dc4e2a28f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:01:19 GMT
expires: Mon, 23 Dec 2024 08:01:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
358 B 81ms
80ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_728x90_970x90_970x250_320x50_ATF%2Cboingboing_300x250_300x600_Right_2%2Cboingboing_300x250_300x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x250%7C970x90%7C728x90%2C300x600%7C160x600%7C120x600%7C300x250%2C300x600%7C160x600%7C120x600%7C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703404878870&lmt=1703404072&adxs=315%2C978%2C978&adys=216%2C1029%2C1556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=984x287%7C304x622%7C304x622&msz=984x272%7C304x622%7C304x622&fws=0%2C0%2C512&ohw=0%2C0%2C0&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D5434a174-8abf-461e-8cf1-8de0e4788f1d%26floors_id%3De74f03%26floors_hour%3D7%26fs_placementName%3Dboingboing_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Db3b1f795-cf27-432a-a190-81ab7086c303%26floors_id%3Dad9641%26floors_hour%3D7%26fs_placementName%3Dboingboing_300x250_300x600_Right_2%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%7Cfsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D65c1de76-dce1-40e9-8f53-972e85462578%26floors_id%3Dad9641%26floors_hour%3D7%26fs_placementName%3Dboingboing_300x250_300x600_Right_3%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3144564924%2C3541013931%2C1088460337&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e62f6c7c530baad434c29e094b74e19a69ab13144da53e0b3e748914656633c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 169ms
28ms Image
image/gif 23.44.201.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=4de1d301-71b2-4966-a67f-8d231df5e36f&cid=&crid=315461417&adunit_count=1&dn=nasledard.shokodeal.ru&requrl=https://nasledard.shokodeal.ru/&istop=true&event=client_timeout&value=1&rd=685
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:19 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 24 Dec 2023 08:01:19 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 117ms
45ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 08:01:19 GMT

POST auction
s2s.t13.io/openrtb2/ 0
0

GET imp
g2.gumgum.com/hbid/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST /
colossusssp.com/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 37ms
37ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=62604711630&lsavail=1&bundle=61K2fF9nVlpMcFVJQ0Q4NkV3emk0TW9yVHhWM2syNGYlMkJhdVc1cnI1cE1iallxWm1SWWpuNUF5dHZGaFdRSDFuNzNydjk5UVNvRlRJWll5OGlNVUQ3TDNVNGUzelI5a21WTmFueWZBT251QlZmb28lMkJFT09QZWwlMkYwM1JFMXkzWjdxOW9PYQ

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

112.128.160.34.bc.googleusercontent.com

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:17 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 35 KB
11 KB 15447ms
43ms Script
application/javascript 18.173.219.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-21.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: w6Ha68pJacUnuHVEsK5t0V6hDTkI3luf
content-encoding: br
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 07:27:17 GMT
last-modified: Mon, 11 Dec 2023 09:04:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 2058
x-amz-server-side-encryption: AES256
etag: W/"a5c7623fd48021f30f35d232712086d5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=3600
x-amz-cf-id: 1kri8FAxcuMVwxcJZS2UJaT2zEyh3B2r74T8tvH5aZFGtZHFywi3gA==

GET
H2 200 floors Show response
api.floors.dev/sgw/v1/ 4 KB
4 KB 30ms
29ms Fetch
application/json 34.160.128.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.floors.dev/sgw/v1/floors?d=boingboing.net&t=desktop&k=1&r=1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.28.0/pubfig.engine.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

b393d85e91addcb7e2e2be5ed7a73c377596dcec1c7fcbc6766252f3a33a8261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
x-api-key: 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google
date: Sat, 23 Dec 2023 20:35:30 GMT
age: 41150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3753
pragma: no-cache
cache-status: stale
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

OPTIONS
H2 200 floors
api.floors.dev/sgw/v1/ Frame 0
0 1184ms
98ms Preflight 34.160.128.112
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.floors.dev/sgw/v1/floors?d=boingboing.net&t=desktop&k=1&r=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.128.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

112.128.160.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload;

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
cache-status: uncacheable
content-length: 0
date: Sun, 24 Dec 2023 08:01:20 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains;preload;
via: 1.1 google

GET
H2 200 rules-p-gz35SZjJgwWt-.js Show response
rules.quantcount.com/ 160 B
642 B 1141ms
27ms Script
application/javascript 13.226.34.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-gz35SZjJgwWt-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-100.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6068c4c478eeefffa48642b056e34d68990ef7e72de45962666f4e7c551ed6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:59:08 GMT
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:10:17 GMT
server: AmazonS3
etag: "0a8f752eb994dff9c82850b66826b161"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Jam4YH2cKr1urL7zbF1ODF_8MPMpk5HF0NkYfdg8LIBjgZcxS8KG8A==

GET
H2 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 1109ms
25ms Script
application/javascript 13.226.34.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-100.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:55:49 GMT
content-encoding: gzip
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 332
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 7bZHQQHsvdX6iRyPuZodP0Hbf8ChPqKP2TUQDfVMQXwC3MSTmk1q3w==

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 95ms
45ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 600ms
44ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 344ms
32ms XHR
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Dec 2023 08:01:19 GMT

GET
H2 200 0ab198dd-b265-462a-ae36-74e163ad6159 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
831 B 94ms
24ms Script
application/javascript 18.173.132.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-21.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8c9fed449b21234fe52a857f944ac4936083a01aeda3198f5fd17f530e210d1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:28:06 GMT
via: 1.1 3e2f727ea310e2e3b32b1270aac06aea.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 1994
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 5x73v7-MMcNrkO8YwqJ6ieNINBnGpAoXCdiCSdKmv3ImxAXf45xNIA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 37ms
37ms XHR
application/json 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 0eda13bf855220cdec6aaace454f32733f52fcac0bacb575e459b5b081ee9c52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
via: 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1054
x-amz-cf-id: LgtUCviHUMN3O5S31AlrO1cmYvPGxS0AxXioBFNA5oyABEaucsTTmw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 228ms
50ms XHR
text/javascript 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru%2F&pid=Jo3KXjPvBYArF&cb=0&ws=1600x1200&v=23.1211.1645&t=685&slots=%5B%7B%22sd%22%3A%22boingboing_728x90_320x50_Adhesion%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22300x100%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F15184186%2C6203160%2Fboingboing_728x90_320x50_Adhesion%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: 5S0PJMCMH6SNQ9X3KN0J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JFZl1uwYZsc2nWNquIOc9v_aaTwO6HjZsMUiZj8n0Q0zIEWwp6j6Ew==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 219ms
47ms XHR
text/javascript 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru%2F&pid=Jo3KXjPvBYArF&cb=1&ws=1600x1200&v=23.1211.1645&t=685&slots=%5B%7B%22sd%22%3A%22boingboing_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C6203160%2Fboingboing_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22boingboing_300x250_300x600_Right_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C6203160%2Fboingboing_300x250_300x600_Right_2%22%7D%2C%7B%22sd%22%3A%22boingboing_300x250_300x600_Right_3%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C6203160%2Fboingboing_300x250_300x600_Right_3%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: A0D632TRNNGW39D9RGCP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DKmssxeG88oJtbrd2bLrx-cpfNn2Om0wjJFoW-wpTGoN6YdZphXSdw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 1409ms
85ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: EhflRrg2Dfc84rSVkdUoWSmyrKtxPPk4aLhNWGMl9mB_pynf6cllZg==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 1141ms
28ms Script
application/javascript 23.14.152.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-14-152-251.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 24 Dec 2023 08:16:21 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 80ms
28ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: KNY29QN45MVGW8S4
age: 2783
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83a750d80ec34bc7-BUF
x-amz-id-2: mBalHHT+POONn3rG2rjjcverig52+u65oL2xnTphyM9XbtgQ8esnFmFV5NAbPDdalZBT7I0zLzM=

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=&gdpr_consent=&us_privacy=
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7AAZ4-1B-CRAW

86 B
115 B

50ms
46ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7AAZ4-1B-CRAW
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7AAZ4-1B-CRAW
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
Expires: 0

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 29ms
29ms Image
image/gif 23.44.201.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=f5db83f1-60ad-4c1d-be22-1ae389b8c539&cid=&crid=315461417|315461417|315461417&adunit_count=3&dn=nasledard.shokodeal.ru&requrl=https://nasledard.shokodeal.ru/&istop=true&event=client_timeout&value=3&rd=685
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:20 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 24 Dec 2023 08:01:20 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 95ms
45ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 100ms
44ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 35ms
34ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750d52d104bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:20 GMT
debug: rtd-nx-ny
server: cloudflare

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 36ms
35ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750d52d264bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:20 GMT
debug: rtd-nx-ny
server: cloudflare

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 40ms
39ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750d54d444bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:20 GMT
debug: rtd-nx-ny
server: cloudflare

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 34ms
34ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750d55d4e4bc3-BUF

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 35ms
34ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750d56d504bc3-BUF

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 34ms
33ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750d58d574bc3-BUF

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 43ms
42ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750d58d594bc3-BUF

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 38ms
37ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750d54d464bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:20 GMT
debug: rtd-nx-ny
server: cloudflare

POST
H2 200 auction Show response
s2s.t13.io/openrtb2/ 6 KB
2 KB 184ms
182ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 3bc71d3b49da10693b202f78aadb8a948514bd36953eca124d0885c4b4e02ff6

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2415
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 40ms
40ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=144&profileId=185&av=36&wv=8.27.0&bundle=61K2fF9nVlpMcFVJQ0Q4NkV3emk0TW9yVHhWM2syNGYlMkJhdVc1cnI1cE1iallxWm1SWWpuNUF5dHZGaFdRSDFuNzNydjk5UVNvRlRJWll5OGlNVUQ3TDNVNGUzelI5a21WTmFueWZBT251QlZmb28lMkJFT09QZWwlMkYwM1JFMXkzWjdxOW9PYQ&cb=66630942873

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
11 KB 264ms
254ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

d04f6c78aa57a45d32e119faae88f5511f139a7a8099c460210c95d7ccb5cffe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
an-x-request-uuid: 43969e2b-6a9c-4669-8255-d4a12d223773
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 225ms
116ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 55ms
49ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880246&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&maxw=970&maxh=90&si=80405&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a9c63c2fe5dff25f9295a322f4749e6ec286a417bbdce334334db644861ce4e2

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 56ms
52ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880247&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&maxw=970&maxh=90&si=80403&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4deb2323cb21b0d727ace1727c167ed94b92a98db224ae1660239839daf8b319

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 53ms
51ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880247&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&maxw=970&maxh=90&si=80404&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6a60def58f699f4bb516e6dcfc63f64339661819a346ec1463c39a55494edf57

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 55ms
53ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880247&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&t=pbtibqqw&pi=2&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e97644295523c5c353c8188214f12970487821db5fc652b06fa71d2832413f50

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 32ms
32ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 5 KB
2 KB 38ms
36ms Script
text/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 33815e03c315c9153e34ebf143ec60b7c521acbce03c8bff6aef1aeff05dcef2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 265f86fb756e20f9d3cb8bee2056224c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK52-P5
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QG9PbMs1yPWLcIh6nqradmiJLAV4Sdpmyn5HlYFez5sACY9QBiAhRQ==

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
562 B 158ms
158ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: f56af1d489f98103a5c074514c84309cd1457e10057de85a6ceffe57e0b7aeb0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 542
expires: 0

POST
H2 200 / Show response
colossusssp.com/ 2 B
143 B 83ms
51ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 56ms
54ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880324&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_970x90_970x250_320x50_ATF&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_970x90_970x250_320x50_ATF%2Fboingboing_728x90_970x90_970x250_320x50_ATF&maxw=970&maxh=250&si=80403&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 48ms
47ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880324&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_970x90_970x250_320x50_ATF&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_970x90_970x250_320x50_ATF%2Fboingboing_728x90_970x90_970x250_320x50_ATF&maxw=970&maxh=250&si=80404&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 79be35d8710e517903b84c733357be97a979277fcf571cd836f9e98e6c80613b

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 146 B
970 B 173ms
171ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

46c7b5c67e5f902ea0801065d872fa37f0e66df6c7fb80ef0e7ef0bd9a9574d4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
an-x-request-uuid: 8bd772c7-9d8e-4a77-bbe6-83b89ca479ea
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 146
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 35ms
34ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 deflate.min.js Show response
live.primis.tech/main/js/ Frame 70C1 13 KB
8 KB 39ms
38ms Script
application/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/main/js/deflate.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 09:50:11 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
etag: W/"64db4a53-3217"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YptzDAzvR4uQhgLWUV1ZHBLE-WOJ0D15nyvtu2_07jCjfP0OMh1P-Q==

GET
H3 200 omweb-v1.min.js Show response
live.primis.tech/content/omid/static/ Frame 70C1 39 KB
20 KB 43ms
41ms Script
application/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 08:33:07 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
etag: W/"64d0ac43-9c3c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -k2pe7Nq_OnMDnLj54feWTg1eQdHYqET85jC3J4S3Rx5IyLcP6CAIg==

GET
H3 200 omid-session-client-v1.js Show response
live.primis.tech/content/omid/static/ Frame 70C1 64 KB
20 KB 41ms
40ms Script
application/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 08:33:07 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
etag: W/"64d0ac43-1013e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: af2S3icEadWkZ2LqZ4P0qdqjZTbg937lubRZdOhcvtaHHCt7FjaZ0w==

GET
H3 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame 70C1 258 KB
115 KB 40ms
39ms Script
application/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 12:48:35 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
etag: W/"623b1723-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ij2BB9Y-D4QoSKGmyX8FVEC1fVoYHmpB0N_eqUjxmozhIPlCNs6L9w==
expires: Mon, 23 Dec 2024 08:01:20 GMT

GET
H3 200 prebidVid.7.16.0_19.min.js Show response
live.primis.tech/content/prebid/ Frame 70C1 552 KB
276 KB 38ms
37ms Script
application/javascript 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 9bbc75a0a2b151cd0d0695a5e2096cb0655302daecb12241849319087b419f46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 13:16:41 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
etag: W/"657b0039-8a1f4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: i6-shSXNzwe6WjWFYzvQ6yBfJS8jC9prcUeM0w2sJ_5625XmcuQRPw==
expires: Mon, 23 Dec 2024 08:01:20 GMT

GET
H3 200 liveVideo.php Show response
live.primis.tech/live/ Frame 70C1 671 KB
261 KB 103ms
102ms Script
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=115605&cbuster=1703404878&pubUrl=https://nasledard.shokodeal.ru/&x=400&y=272&playerApiId=freestarPrimisPlayer&schain=1.0,1!freestar.com,551,1&cbuster=1703404880&pubUrlAuto=https%3A%2F%2Fnasledard.shokodeal.ru%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 963cf63a75b478730d7d3aaea0b443dbd34fd2f04eb8c7fc2bc2939a4903969d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:19 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M2xFKbTgfprPKaKZ_s9ifSTVphQYytJ7zGVr0brRXvka19KLd0Dbcw==

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 32ms
31ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
560 B 235ms
235ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 8320329bcf9f1a4dcf1a9d140dac7b845a5abfe7ac2223ca861e0edb10b107c1

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540
expires: 0

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 54ms
53ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
11 KB 352ms
352ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

ca5836133f8e897ad60cf4fa2aef1408ef6b3d0b6e67e70efbe086333ff7f318

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
an-x-request-uuid: 2e830d41-0744-40a0-9b47-19ee18df7d28
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 32ms
32ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 48ms
48ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880385&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_2&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_2%2Fboingboing_300x250_300x600_Right_2&pv=ccc06647-776d-46ba-8dad-5a9eacfc6193&maxw=300&maxh=600&si=80402&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3599e93cc9b08daf016d986a12e0a08190cc1af3675f625f3a6af0368f9ce334

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 45ms
45ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880385&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_2&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_2%2Fboingboing_300x250_300x600_Right_2&pv=ccc06647-776d-46ba-8dad-5a9eacfc6193&maxw=300&maxh=600&si=80401&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3599e93cc9b08daf016d986a12e0a08190cc1af3675f625f3a6af0368f9ce334

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 46ms
46ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880385&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_2&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_2%2Fboingboing_300x250_300x600_Right_2&pv=ccc06647-776d-46ba-8dad-5a9eacfc6193&maxw=300&maxh=600&si=80406&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3599e93cc9b08daf016d986a12e0a08190cc1af3675f625f3a6af0368f9ce334

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 337 B
172 B 77ms
76ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_728x90_970x90_970x250_320x50_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=5&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404880519&lmt=1703404072&adxs=315&adys=216&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=984x287&msz=984x272&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D5434a174-8abf-461e-8cf1-8de0e4788f1d%26floors_id%3D14294e%26floors_hour%3D20%26fs_placementName%3Dboingboing_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26fsbid%3D0%26amznbid%3D2%26amznp%3D2&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3144564924&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dad9a9810ec49ae2bee90fe098c7f327bee59907979047e2e6f921f0fd50d5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 326 B
172 B 77ms
76ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_728x90_320x50_Adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=6&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404880543&lmt=1703404072&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D142619b2-769b-4052-a35a-eb91efcd92ef%26floors_id%3D19ab16%26floors_hour%3D20%26fs_placementName%3Dboingboing_728x90_320x50_Adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3D10b7d105-d2bd-4334-b257-e2b4d02da16b%26freestar_path%3D%252F%26freestar_domain%3Dboingboing.net%26custom_bidder_size%3Dttdfsx_300x50%26hb_format%3Dbanner%26hb_adid%3D385ab0a6a1ec695e%26hb_bidder%3Dttdfsx%26hb_size%3D300x50%26hb_pb%3D0.02&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3134032077&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95ab242ddb3346980a0988cb0e04e3734496c55e91d44715dda89988e2515bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
559 B 403ms
403ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 071ab59e01963712c729f5fef46b3ff967f122da12b332f82f81c16e79e40f8b

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 539
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 45ms
44ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880564&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_3&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_3%2Fboingboing_300x250_300x600_Right_3&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80402&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 46ms
45ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880564&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_3&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_3%2Fboingboing_300x250_300x600_Right_3&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80401&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 47ms
47ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880564&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_3&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_3%2Fboingboing_300x250_300x600_Right_3&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80406&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 253ms
253ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

8de368f17cf8be55849e926c9e7e1def820dc0c0ddce8b0f923801a10b30688b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
an-x-request-uuid: f61ba5f9-df27-4889-a6d3-cba9640f79e3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 32ms
31ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 113ms
113ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D41F 16 KB
6 KB 364ms
29ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=150442
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:01:20 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 31ms
30ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
7 KB 36ms
36ms Stylesheet
text/css 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 09:00:55 GMT
server: nginx
x-amz-cf-pop: JFK52-P5
etag: W/"656ee6c7-47bd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RfH-0lewkIHhMkSkffRbhSJA4E4juzS_OeGAL6CUjITpfrblzlfW3A==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 70C1 282 KB
70 KB 29ms
29ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:03:40 GMT
content-encoding: gzip
via: 1.1 157ebd6865840045fc8b5ed1cce7e466.cloudfront.net (CloudFront), 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:12 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 3460
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: VuhOt6krxB8L2VK9ABPa-04ExzRzp77QVXbXK-OtuZCZur4dcah2wQ==

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ Frame 70C1 79 B
801 B 50ms
44ms XHR
text/html 13.226.34.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&dbsaved=false&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=400_1703404880659&fbp=1806657216&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ref=nasledard.shokodeal.ru
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-99.ewr53.r.cloudfront.net
Software: /
Resource Hash: 2cc68352e24af72b7d652d0f52e83d536a037559a5350021c139074c215aafe0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
via: 1.1 1f4c9bd672bb89060a69b305de06ad0e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
pragma: no-cache
access-control-max-age: 3600
vary: Origin
content-type: text/html
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-methods: POST, GET
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: LyFF7_NNK5fJcbsxFJqSPR3BkNHZFnFIXM4rEwNv2weHELYd6lqnbg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1 43 B
954 B 43ms
39ms Image
image/gif 18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=328178&dbsaved=false&iiqidtype=2&iiqpcid=651ed139-3f9e-4ee1-aa41-f7675d87c3c7&iiqpciddate=1703404877944&tsrnd=486_1703404880660&fbp=1806657216&vrref=https%3A%2F%2Fnasledard.shokodeal.ru%2F&jsver=5.09
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
via: 1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: 1aR-7vRDUlaV36SxPwRhCOIVIPx8-n2IQPpqi8LtcqF5Zi9hUYAUtA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 671ms
669ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 38ms
36ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750d88e974bc3-BUF

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 39ms
38ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750d84e804bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:20 GMT
debug: rtd-nx-ny
server: cloudflare

GET
H2 200 pixel;r=1007037531;source=wp;rf=0;a=p-gz35SZjJgwWt-;url=https%3A%2F%2Fnasledard.shokodeal.ru%2F;uht=2;fpan=1;fpa=P0-1036540493-1703404879116;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr...
pixel.quantserve.com/ 35 B
371 B 77ms
48ms Image
image/gif 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1007037531;source=wp;rf=0;a=p-gz35SZjJgwWt-;url=https%3A%2F%2Fnasledard.shokodeal.ru%2F;uht=2;fpan=1;fpa=P0-1036540493-1703404879116;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=shokodeal.ru;dst=0;et=1703404880676;tzo=600;ogl=locale.en_US%2Ctype.website%2Ctitle.Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%2Curl.https%3A%2F%2Fboingboing%252Enet%2F%2Csite_name.Boing%20Boing%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2Fboingboing%252Enet%2Fwp-content%2Fuploads%2F2022%2F06%2Fbbstacked%252Ejpg%3Ffit%3D15%2Cimage%3Awidth.1500%2Cimage%3Aheight.1047%2Cimage%3Atype.image%2Fjpeg;ses=9f5d5f28-9b44-4d11-89ec-011a003f2174;mdl=

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=733948822;labels=title.Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fnasledard.shokodeal.ru%2F;uht=2;fpan=1;fpa=P0-1036540493...
pixel.quantserve.com/ 35 B
371 B 75ms
47ms Image
image/gif 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=733948822;labels=title.Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fnasledard.shokodeal.ru%2F;uht=2;fpan=1;fpa=P0-1036540493-1703404879116;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=shokodeal.ru;dst=0;et=1703404880680;tzo=600;ogl=locale.en_US%2Ctype.website%2Ctitle.Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%2Curl.https%3A%2F%2Fboingboing%252Enet%2F%2Csite_name.Boing%20Boing%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2Fboingboing%252Enet%2Fwp-content%2Fuploads%2F2022%2F06%2Fbbstacked%252Ejpg%3Ffit%3D15%2Cimage%3Awidth.1500%2Cimage%3Aheight.1047%2Cimage%3Atype.image%2Fjpeg;ses=9f5d5f28-9b44-4d11-89ec-011a003f2174;mdl=

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 45ms
45ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750d8dea74bc3-BUF

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 48ms
37ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750d88e954bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:20 GMT
debug: rtd-nx-ny
server: cloudflare

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 48ms
46ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
655 B 38ms
38ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:26:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 24 Dec 2023 08:26:44 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 37ms
36ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f10.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 24 Dec 2023 08:39:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
540 B 42ms
40ms Stylesheet
text/css 142.251.32.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 07:27:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Dec 2023 08:01:20 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C327 16 KB
6 KB 69ms
31ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=150442
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:01:20 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

ProfilesEngineServlet Show response
sync.intentiq.com/profiles_engine/ Frame C150
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%26adv...
https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26gdpr%3D0%26gdpr_consent%3D%...
https://live.primis.tech/live/liveCS.php?source=external&gdpr=0&gdpr_consent=&advId=98&advUuid=36918c6d-c7ef-4c79-ba2e-e1b310f90c1c
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=36918c6d-c7ef-4c79-ba2e-e1b310f90c1c

43 B
863 B

37ms
37ms

Document
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=36918c6d-c7ef-4c79-ba2e-e1b310f90c1c
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 24 Dec 2023 08:01:33 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma: no-cache
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-id: EFn8HDcdKR63jJzP78rs8px10mON6Eumv9sYfFc3qKrDlih3jnZpKA==
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront

Redirect headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-store
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:33 GMT
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1486637409&3rdpcid=36918c6d-c7ef-4c79-ba2e-e1b310f90c1c
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
x-amz-cf-id: tab3inKem7-ONVxJ0BeTtCVeLsy1yqla5pTNILQMeMQ6iWBnfSD75w==
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 50ms
49ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:20 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 57ms
56ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD00MDAzrT0lNmIzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjODx0JzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: bcef162b014339b3d9e16ec5e2d6305bd222f03b98ec4a903955c4d8a7a9a0a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 6066
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: jGAQpx9EWfkbNdhKlgrZhiUl1236nYf3NB8owEsu7Tu_XMRuTBciUg==

GET
H3 200 liveView.php
live.primis.tech/live/ 0
344 B 43ms
42ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE1NwA1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmMlRDMkMmIlRDMlMmQ1RwMkMmA3RDqCNmMmMTM3MmImNTM5MmEmMDM1N0Q3QwQmMmMmMDqEN0I1MmYlNxQ0NwqBNwI0NmU2NxI1OTU4NEE2QwRDNxU0RTZGNwImMwp0NmY1QTQ3NTY2ODYlNDMmNTp5NwQ1MTNEM0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMDMjN0Q3QwU5MmImNmMlN0Q3QwY2MmE3RDqCNEMmODM5MmtmMTqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0kMDphMTp1LwEjMv4kOTIzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTIjLwAhNwA5OS4kMDxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLSZwYaVmqGVlPTE3MDM0MDQ4ODA4MDIzqWyxPVNyn2yhZG9TUGkurWVlNwU4N2U1NTA2YwVuMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZhYXNfZWRupzQhp2uin29xZWFfLaJ1JTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPTt5NGQjMWFzYwuxNDE1NwUlMDVwOTuwYWY2NWRyYmZx
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QXZ1UWkn_C82f6af-nZ_05y_GfPOPJCgJf18YedxcwG-tQbGDZQuKA==

GET
H2 200 p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame 70C1 35 B
210 B 48ms
44ms Image
image/gif 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.27975.space.115605,adsize.400x272

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=sekindo&gdpr=0&gdpr_consent=
https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sekindo&bidswitch_custom_parameter=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
https://x.bidswitch.net/sync?dsp_id=317&user_id=9c9264f1451658e21d84d7e4ef495bd4&expires=30&ssp=sekindo&bsw_param=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd

43 B
863 B

39ms
37ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: eJHlzJei8MF37Fzg9tq-Wp5ehYRGqclaxHn6HTRc_8XyWqwfE8Q7dQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1267919208&3rdpcid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: g_9YD2S45wqsmrSFy6-_fxVSBj9mXEQQBIYN-rT0H5amPFrD_Rc1kQ==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=9ae2a05d-6f4b-4b88-8d4d-15887f7e5bba&gdpr_consent=null&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=9ae2a05d-6f4b-4b88-8d4d-15887f7e5bba

43 B
864 B

40ms
39ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=9ae2a05d-6f4b-4b88-8d4d-15887f7e5bba
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: HsWTAZwEH6wblKXi4Z3q9475vvYZllI88ucPb8iCy5fdROaKZ88Jfg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=417208643&3rdpcid=9ae2a05d-6f4b-4b88-8d4d-15887f7e5bba
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: W031AnrmBikRXO7eLzcfzviQ0WXbcncvttC3n8YDuP_25i529scOrw==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=191923&gdpr=0&gdpr_consent=&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D99%26advUuid%3D&gdpr=0&gdpr_consent=&s=191923&C=1
https://live.primis.tech/live/liveCS.php?source=external&advId=99&advUuid=ZYflVG8tfarUEZN0xqK2lwAA%261263
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYflVG8tfarUEZN0xqK2lwAA%261263

43 B
862 B

34ms
34ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYflVG8tfarUEZN0xqK2lwAA%261263
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: eYx5i6XXbb0RoxB5KTrE2SLC2uemDumftwC0RL2V2R2EHfweArc77w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2120880633&3rdpcid=ZYflVG8tfarUEZN0xqK2lwAA%261263
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XXDfe2jonzktk6tNINy0lAaq2Q7YfgSmvcpBnOpGDfPcZaAeBgqYyQ==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=3049164651886911251109
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3049164651886911251109

43 B
863 B

39ms
37ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3049164651886911251109
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: HAnskXO44zwv9rr_bTq-f1juUuk0tvO27n8hLpRaptPTQPxC6l_Eow==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=259151345&3rdpcid=3049164651886911251109
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1H8UMD9QMrvUduaXkATgNQIo1Y7-kFtDTx-kpabosr8m7S2rcTa7YA==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ7AB14-J-6834&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7AB14-J-6834

43 B
861 B

37ms
36ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7AB14-J-6834
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: dWAHvKcx-pFIda_s2OemTpoBe7IySY3D0Lrzg-tdajsbtAUWP9i8ag==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7AB14-J-6834
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vrilNpdQ4ZecVEfBBM6Wj7m6qrYGjsHzC27p5mPWKZMdMh9wDNX-Dw==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58818/sync?redir=true&gdpr=0&gdpr_consent=&verify=true
https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-TtCVVyhE2uJF2AJTF5iIVRRjj5WGZbn1~A
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-TtCVVyhE2uJF2AJTF5iIVRRjj5WGZbn1~A

43 B
862 B

39ms
35ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-TtCVVyhE2uJF2AJTF5iIVRRjj5WGZbn1~A
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: zx-2i9_mc8ZaCO0wCCldO8beSDGdDfm78TOBtqDogXnBsVjbE0u71A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1028935272&3rdpcid=y-TtCVVyhE2uJF2AJTF5iIVRRjj5WGZbn1~A
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: d2FQezhvenSIz8MvW5AvzuyqR7QvjN7MND7VjLuq97Cc1CLp2Df5jg==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=0e429d77bd9a4993aaacbe8ed5a340e3
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0e429d77bd9a4993aaacbe8ed5a340e3

43 B
862 B

35ms
34ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0e429d77bd9a4993aaacbe8ed5a340e3
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: b0bO2UKIQ8EmEg2rboTPdnc-4dja_rVKPqok_MY3wh9A7xl9xmyFpw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=584182936&3rdpcid=0e429d77bd9a4993aaacbe8ed5a340e3
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qN_uSUAaXlhZXxtU1HKuhLem-hsPqb_Q-emUSRxppPa33m2qBMJNNQ==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=6587e5503e967&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3464064835721631000V10
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3464064835721631000V10

43 B
863 B

53ms
52ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3464064835721631000V10
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: GB7RqwojPpgHzzipP7f4Wiu3a_Y_C3Tbu1D8_3NRxgGINHqB7P3IBw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1723987475&3rdpcid=3464064835721631000V10
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: S-EUyWsj1pC_8ooKxmbWS40gZDbPI4pZCO6yBxp52KfuRcZo3T5C1A==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID&sovrn_retry=true
https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=H36BjLZHD0I_8YN-TemHg7ic
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H36BjLZHD0I_8YN-TemHg7ic

43 B
864 B

68ms
68ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H36BjLZHD0I_8YN-TemHg7ic
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: GOSKUnx5KMN0P29yKD_95DbcGr_BcjU5HxVq5fTBVqxGDMUzc1fwjQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=396218182&3rdpcid=H36BjLZHD0I_8YN-TemHg7ic
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w0fi-iG1fKQWviIgxZWr5XbND6EM3XWOVm0Y-YrzDZmcSbrAfu-T9w==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=5242c14bc6ee0b5b49d4dde4a4ab3b8&gdpr_consent=&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=5242c14bc6ee0b5b49d4dde4a4ab3b8

43 B
863 B

34ms
34ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=5242c14bc6ee0b5b49d4dde4a4ab3b8
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: vFro9Kng42_lzGNkHhttjs8O3D8FySxjJSZaf35DVK-H9IAVREfGzg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=484859127&3rdpcid=5242c14bc6ee0b5b49d4dde4a4ab3b8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qqrCqaIJsq_pnCurcLHax4d_sTDkddsVSuCDbIoQacB61uQQszdlLg==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
https://live.primis.tech/live/liveCS.php?source=external&advId=138&advUuid=2a2f467e-6502-4a2f-bca6-d172fd2e353a
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=2a2f467e-6502-4a2f-bca6-d172fd2e353a

43 B
863 B

36ms
36ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=2a2f467e-6502-4a2f-bca6-d172fd2e353a
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: lbwmA_K-icE2Xie-49WO-ReOqPyljTvKVIuTF6wCYmdl7esU_EnpSQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2136778551&3rdpcid=2a2f467e-6502-4a2f-bca6-d172fd2e353a
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EZ19Js3yYtGW9XrCHOp4KwVN9MioGC2STR1XTebYHkBAy26hfour1w==

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=21&redirectUri=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D140%26advUuid%3D%5Bssb_sync_pid%5D&gdpr=0&...
https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=5513585797723259336
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5513585797723259336

43 B
864 B

37ms
35ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5513585797723259336
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: tF844PwKzxZU-7IDv4yyaIC8cFdkU0I_RikWPLWxF5Vj2HqUMyaL5w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1881119486&3rdpcid=5513585797723259336
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u5O89YQgdhbTBdQC1xXu9MnAN_S2iX1d07uovGZ_lTBL4NITWNYW9Q==

GET
H2 200 cookie
cm.adform.net/ Frame 70C1 43 B
106 B 438ms
107ms Image
image/gif 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D143%26advUuid%3D%24UID
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:23 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 70C1
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=Wog2sp89&gdpr=0&gdpr_consent=
https://live.primis.tech/live/liveCS.php?source=external&advId=144&advUuid=465f9c0b-c13d-4108-9e74-edb29105c1bd&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=465f9c0b-c13d-4108-9e74-edb29105c1bd

43 B
863 B

36ms
35ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=465f9c0b-c13d-4108-9e74-edb29105c1bd
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: uQA_Op713PJonn0sovY9P8lJbOSPBHzvzB2-XFNGqw8-G_sVxYO12Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=2011327056&3rdpcid=465f9c0b-c13d-4108-9e74-edb29105c1bd
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GShuAbCh8wFHL2AVK5sMPtOikdaUjtoBOFkhyeTbI2pp2PVQZRc-uw==

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 70C1
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=primis&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/rmpssp?sub=primis&zcc=1&cb=1703404883456
https://ad.turn.com/r/cs?pid=45&rndcb=6403989308
https://sync.1rx.io/usersync/turn/3721385948713308019?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005

42 B
255 B

609ms
25ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005
date: Sun, 24 Dec 2023 08:01:27 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8ab9fef8c33c434a99694f3f0c4f4f99005
content-type: text/html

GET
H2 200 vid657bebae4d6be774185068.jpg
video.primis.tech/uploads/cn1/video/users/converted/31067/video_623c2709ac573196885360/ 7 KB
8 KB 138ms
32ms Image
image/jpeg 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn1/video/users/converted/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.jpg?cbuster=1702620142
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 54c329dde5ba0a752f60ecc3bb5eb92a31ffb8904c539d76d0a47e100d62659f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:59:32 GMT
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront), 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3, JFK50-P6
age: 28908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7311
last-modified: Fri, 15 Dec 2023 06:05:44 GMT
server: nginx
etag: "3c4a868090fe335527d3915562a9f23a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: WgmCKZsM-bwgiYALPh1bnPLOPCMB_q4mS0k9GOrQVhmjIOXwN1zpBg==
expires: Sun, 24 Dec 2023 23:59:32 GMT

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 57ms
55ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD02MmIzrT0mNTYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjOTIjJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: d961d244f2f7a843fda237662f31f3bd39c004cff0b3d5666b3ac5fa1fc04163

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 5799
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: pj4PccP73DPUO7AOi3AgSTAlG-UJXqnmnHRT2RUtWJNN5vw1RwSeGA==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 86ms
75ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD02MmIzrT0mNTYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjOTIkJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 447e59d4f64e365dd2fedef6a6793c309f93025c80c5459689a48a7872eb5e7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 6066
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: nBLmVXO7n7mJAWtTvzB_5S-LO5-JXeylb10lY-WCJf8s80uAdzfJuA==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 83ms
74ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD02MmIzrT0mNTYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjOTIlJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 50fbef945ab4af56a32d6eccd0ec1c96525c20bceff99c0d38f954785921977a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 6064
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: IhmPT9fclrvI_2fhXX1PpqiU27-rzxaakFz00vx-IUu6dqF8sS5NWg==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 85ms
76ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD02MmIzrT0mNTYzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjOTIlJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: ba121f7a08d858cdb446a135362a4d05a6b70b58133318801d2f74538327a1ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 5797
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: 12RVlZlH5gDBmhw3WnEiuyoqNimouCvHlcyopaoyo-jtnrskUUJTRg==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 67ms
58ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD00MDAzrT0lMwUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjOTImJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 64a65fbed8814d5679f236c3a04a875ae99d37969bbd61059b420f967196736c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 5804
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: B6y98nN1ZUVpBWZmpd516RgOn9GeBbR12c1In1Z22BwRIwc7CgOyuw==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 70C1 35 KB
6 KB 81ms
75ms XHR
application/json 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYmMTA2NlUlRaZcZGViXmYlM2MlNmA5YWM1NmMkOTY4ODUmNwAyMxZ2nWQ2NTqvZWJuZTRxNzJyNmp0MTt1MDY4Lz1jNCUmRaRinlUmRGV3o2qJQ0FaSW1Gp1c5STZJQ0cJVXcJMU5cSXNDnUFaSUNBnWRIoHqJnz9aSWgjWFZDSUgzUS5yq29aSUNBZ0ygoHcwrUx2SUNKUWNgoHRuWE1cTEFiZ0yDQWqJox4kWWyJNxyDSXZxWEJmYwJGn2N5OWcvnxV2ZG1fn1cXOHZxWE5fY25NqyxlOXVxoVZ5ZEqWn0k6TXuNRFxmTDNnpFcHVaZYryy5TTJNrU56QTVZV00kTacNrE9UWTRPRFV6TzcBqzRgoGgOnyUmWW1WnVyXVTBnRFccWyRwM05ERTROVEElT0M1qGNEUWyMQW9aSUNBZ0ygNWynnUx2SURFM01ETXcOnzp0TURBp0NcQWqJQ0FcWyubq0ydo2qNVGN3TXcVMx5Un3qNQXA5LaVeNmRXZmByYUkZMDZdp2Q4qC14pz53rUgfomyORGcRQz5RrxgiYXRWSaMzqzyxX2NioaRyoaRsnWQ9NDAkNTU0MSZ2nWRsY29hqGVhqF9xZXNwPVyiqSgBp2gyZCgFpGymo2RyKmE3X1BlnW1cplZ2nWRsY29hqGVhqF90nXRfZT1Zo3UeQXNeZWQeRXBcp29xZSfkN19QpzygnXMzqzyxX2NioaRyoaRsZHVlYXRco249OTQ2JaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTp1MTIzrD00MDAzrT0lMwUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMmMxQmMTMlMxQmMwM0NUYmMTMjN0Q3QwpmMmEmNmMlMmUmOTMkMmAmNTqEN0I0MmMmMmA3RDqCNTM2MwZENDY3QTYlNDp1NwZCNTx1ODRBNxI0QmZFNEU2RwYlMmI3NDp2NUE0NmU2Nwt2MwQmMmU3OTY0NTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmpmMwqEN0I2NwMkN0Q3QwRDMmtmOTM4MmE3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NDIhODt1NvZaZW9Mo25aPS03OC44NmM2JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxYkMwAhMC42MDx5LwEjOSgTYWZupzxyMxY1MmphMmYzp2NbYWyhPTEhMCUlQmEyMwFzpzVyp3Rupv5wo20yMxM1NTEyMxMkJaBfYXyypxFjnUyxPWZlZWVmqGFlUHJcoWymUGkurWVlJzF2YWyfQ2FgpGFcZ25mPSZcp0FjpEcmPTAzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY2J1p3Rypw0kNmAmNDA0ODtjOTImJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0g
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 522cad5d91b99ef45db4389bfd8324f675f3267a1108822f56cab6b2da72a60b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 5799
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: eekrcoPoCLUWiNDCZiZqspN0xJ6az3rzwF-9hx3UqWvDfKf_LFOwww==

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
559 B 206ms
206ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 1dd9c58999802f4078bd67bc0aa0b877f4e7da2f59f3426740eec774acace015

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 539
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 45ms
45ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880964&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_970x90_970x250_320x50_ATF&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_970x90_970x250_320x50_ATF%2Fboingboing_728x90_970x90_970x250_320x50_ATF&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=970&maxh=250&si=80403&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:20 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 46ms
45ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404880964&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_970x90_970x250_320x50_ATF&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_970x90_970x250_320x50_ATF%2Fboingboing_728x90_970x90_970x250_320x50_ATF&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=970&maxh=250&si=80404&pi=3&bf=970x250%2C970x90%2C728x90&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 37ms
36ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 116ms
115ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 261ms
261ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

fa20a5fca12690e5633dddcb212deaeb624be0db07bd6edd63dface62a52f082

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
an-x-request-uuid: 50b293cc-74bf-4a26-93d1-297a34e3c2a7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
167 B 423ms
113ms XHR
text/html 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
cf-ray: 83a750dc19705431-YYZ

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
108 B 1223ms
113ms Script
text/html 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=a9ba55e3e690c7567ac9e5d3978a2401&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a750f0f89038e5-YYZ
content-type: text/html; charset=utf-8

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 26ms
25ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nasledard.shokodeal.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:13:50 GMT
x-content-type-options: nosniff
age: 413251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:13:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 328 B
168 B 74ms
73ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_300x250_300x600_Right_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&ifi=7&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404881069&lmt=1703404072&adxs=978&adys=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=304x622&msz=304x622&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3Db3b1f795-cf27-432a-a190-81ab7086c303%26floors_id%3Dc300b1%26floors_hour%3D20%26fs_placementName%3Dboingboing_300x250_300x600_Right_2%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26amznbid%3D2%26amznp%3D2&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3541013931&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc850a513155e0f9d5f7b8bfcd2df7a5b94bd8295d4d039b64416785ddf920e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 70C1 6 KB
3 KB 53ms
50ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 5a8a3f9dea8033ff97627e0a0c6df032.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OWVQ63aPb0ngwJXDwOOBLEQVsZb70uCbj5vkP4yTWmAsTEMrJRYCag==

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
562 B 176ms
175ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 07027f1c44ff22a9816dc4d2392760ef20c1b6b78e9e1f1037dd2376006885ad

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 542
expires: 0

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 123ms
122ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 374ms
371ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

33e2b32a308c4e845fed0ef42febecb65315c406fb7d15feeb6a6d8199001bd2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
an-x-request-uuid: 54e8e205-388c-4774-8514-004d097736a4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 54ms
51ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881140&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=970&maxh=90&si=80405&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 47ms
45ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881140&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=970&maxh=90&si=80403&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 48ms
47ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881140&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=970&maxh=90&si=80404&pi=3&bf=970x90%2C728x90%2C468x60%2C320x100%2C300x100%2C320x50%2C300x50%2C1x1&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 54ms
53ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881140&to=600&pubProvidedId=%5B%5D&aun=boingboing_728x90_320x50_Adhesion&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_728x90_320x50_Adhesion%2Fboingboing_728x90_320x50_Adhesion&pv=2f909994-4bb9-470c-9576-20accc930ae6&t=pbtibqqw&pi=2&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2857ee996f534945aa552f612d2aee133177c25c35dde3a11322955e79603cab

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 33ms
32ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 0ab198dd-b265-462a-ae36-74e163ad6159 Show response
config.aps.amazon-adsystem.com/configs/ Frame 70C1 564 B
829 B 26ms
24ms Script
application/javascript 18.173.132.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-21.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8c9fed449b21234fe52a857f944ac4936083a01aeda3198f5fd17f530e210d1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 07:28:06 GMT
via: 1.1 3e2f727ea310e2e3b32b1270aac06aea.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 1995
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: jWaMXwAD7PyVGSLhMi8meFvli_Xd5oDoqtzar5_DJQiB5N6J0y2ZiQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 70C1 1 KB
1 KB 36ms
35ms XHR
application/json 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 0eda13bf855220cdec6aaace454f32733f52fcac0bacb575e459b5b081ee9c52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:18 GMT
via: 1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 2
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1054
x-amz-cf-id: 1u189c1CbdF9uTcDOOGIAFPUFI69nTOQFTHq4Vt3jBeotpr9mVMGlw==

POST auction
prebid-server.rubiconproject.com/openrtb2/ Frame 70C1 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 70C1 0
121 B 365ms
27ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 70C1 142 B
963 B 151ms
150ms XHR
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

9835cd3815b4a493041c8d18331936bd622bb7a694136b9bd00078a8ed3cc8ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
an-x-request-uuid: acb44024-cfbb-4852-9721-c8f0322fee1f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 142
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 70C1 23 B
468 B 47ms
46ms XHR
text/javascript 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru%2F&pid=c8soROL6tD4ku&cb=0&ws=1x1&v=23.1211.1645&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A500%2C%22id%22%3A%22aps_primis_oustream_ron%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A75%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22%257B%2522hadronId%2522%253A%252206066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0%2522%257D%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: X81TPD71Q3JHCQB7W3RQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: r650SIBqAlwQzI8wVEGNpxq3WBC3BgS7cmbGxPlE_tm5wo_mWPO9Ig==

GET
H3 200 liveView.php
live.primis.tech/live/ 43 B
400 B 41ms
40ms Image
image/gif 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNmAmNDA0ODtjJaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTplNwAlNmYzrD02MmIzrT0mNTYzoXN0YT0kNmI1OTEjNSZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt3ZTU1MDNyOTY3JaJ2ow0xr1ZQX1JWTy9NQUNST30zYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzpGkuY2VgZW50U3RlZWFgVHyjZT0mJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0kJzNwpGFDo25mZW50PTEgLS0zY2J1p3Rypw0kNmAmNDA0ODtkMwAjJaVcZD1TZWgcozRiU1BfYXyypwY1ODqyNTUjNzI1YTEzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXEzpHucZD1uZGIkODJyZDVvOTRxMzE2MGZuMzY4MmU0ZTI4YmBzNt==
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/gif
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9eVxzY7Ki9XtI_UQJQOaUlE24Wvldx7YrsXcvTgxpco7aGNeUbqF-Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D41F 2 KB
3 KB 331ms
24ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26746215&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d092570d513f984ad3acb93dc48fa35639e5964497e8e217246c70c7533be8ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:01:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 31ms
31ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 52ms
51ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 vid657bebae4d6be774185068.jpg
video.primis.tech/uploads/cn1/video/users/converted/31067/video_623c2709ac573196885360/ 7 KB
8 KB 34ms
33ms Image
image/jpeg 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn1/video/users/converted/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.jpg?cbuster=1702620142
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 54c329dde5ba0a752f60ecc3bb5eb92a31ffb8904c539d76d0a47e100d62659f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 23:59:32 GMT
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront), 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3, JFK50-P6
age: 28908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7311
last-modified: Fri, 15 Dec 2023 06:05:44 GMT
server: nginx
etag: "3c4a868090fe335527d3915562a9f23a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: WyQUsMO85P4-N6RahqBwRr-JAI3cMforRn7YvccOI63zZelii_0flw==
expires: Sun, 24 Dec 2023 23:59:32 GMT

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 4E7B
Redirect Chain

https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

880 B
842 B

53ms
52ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: aa0682906a7cefae2ede64720b93f77f56a781aa48b7363ce8cfc610f88c8a5f

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 546
content-type: text/html
date: Sun, 24 Dec 2023 08:01:33 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:33 GMT
location: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6272 52 KB
17 KB 15517ms
47ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 8993
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 24 Dec 2023 08:01:36 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 309, 9720
X-Served-By: cache-lga13626-LGA, cache-yyz4577-YYZ
X-Timer: S1703404897.856661,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3E21 16 KB
6 KB 35ms
26ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=150441
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:01:21 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8AE9 281 B
555 B 3932ms
28ms Document
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Dec 2023 08:01:25 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK iframe Show response
sync.colossusssp.com/ Frame 6EC7 2 KB
1 KB 15517ms
44ms Document
text/html 172.240.155.116
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.colossusssp.com/iframe?pbjs=1&coppa=0

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.240.155.116 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

4a9680d7a74bdf39dc97330dc17bfca15f0909a49e674de127333c56723d14a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 24 Dec 2023 08:01:36 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame EC87 3 KB
2 KB 15514ms
51ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1172
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83a7513d7cc839db-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:01:36 GMT
expires: Sun, 24 Dec 2023 12:01:36 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 2745
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
2 KB

39ms
39ms

Document
text/html

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: 8ccc505a1d1489fd2a41430b288eb95c960b6ac50f611a206a028b1e41944954

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1343
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:22 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 24 Dec 2023 08:01:22 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pbcas Show response
ads.yieldmo.com/ Frame 129D 1 KB
1 KB 812ms
43ms Document
text/html 18.209.117.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.117.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-117-110.compute-1.amazonaws.com
Software: /
Resource Hash: e3823656b9af0cd879cc58e876df6157e1f15722f98aa6ed116f2ea5388bf989

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 24 Dec 2023 08:01:22 GMT
pragma: no-cache
vary: accept-encoding

GET
H2

200

cookiesyncredir
bttrack.com/pixel/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid

35 B
305 B

1129ms
38ms

Image
image/gif

192.132.33.67
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

67.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-servername: Track004-iad
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:00 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

Redirect headers

Location: //bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=themediagrid
Date: Sun, 24 Dec 2023 08:01:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 46ms
45ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:21 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ 35 B
296 B 30ms
29ms Image
image/gif 23.44.201.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=6cac9860-9a80-43c8-b5cf-e360198b6699&cid=&crid=315461417&adunit_count=1&dn=nasledard.shokodeal.ru&requrl=https://nasledard.shokodeal.ru/&istop=true&event=client_timeout&value=1&rd=685
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:24 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 24 Dec 2023 08:01:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 328 B
169 B 75ms
73ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_300x250_300x600_Right_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&ifi=8&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404881394&lmt=1703404072&adxs=978&adys=1556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=304x622&msz=304x622&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D1%26fs_uuid%3D65c1de76-dce1-40e9-8f53-972e85462578%26floors_id%3D94b49d%26floors_hour%3D20%26fs_placementName%3Dboingboing_300x250_300x600_Right_3%26fs_ad_product%3Dbanner%26fsbid%3D0%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3D6cac9860-9a80-43c8-b5cf-e360198b6699%26freestar_path%3D%252F%26freestar_domain%3Dboingboing.net%26custom_bidder_size%3Dappnexus_300x600%26hb_format%3Dbanner%26hb_adid%3D497cf1fcc866e0fc%26hb_bidder%3Dappnexus%26hb_size%3D300x600%26hb_pb%3D0.26&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=1088460337&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fdcb491fe43ed791543ad9a8a6ab4a32a4eb1da33bfaac78f68c276a602aa59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 35ms
19ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750dcffd94bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:21 GMT
debug: rtd-nx-ny
server: cloudflare

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 37ms
36ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750dd2fe24bc3-BUF

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 32ms
31ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 70C1 54 KB
17 KB 29ms
28ms Script
application/javascript 23.14.152.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.14.152.251 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-14-152-251.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 24 Dec 2023 08:16:24 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 70C1 151 KB
33 KB 28ms
27ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: KNY29QN45MVGW8S4
age: 2784
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83a750dd38084bc7-BUF
x-amz-id-2: mBalHHT+POONn3rG2rjjcverig52+u65oL2xnTphyM9XbtgQ8esnFmFV5NAbPDdalZBT7I0zLzM=

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
560 B 214ms
213ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 8a4f098b5b2491e03a173e37a2eb829f0585acdb1a0178fdd22c75f9d9f2b649

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 202ms
202ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

bafb024848eef1a75ab7c20d728c908d70bc11b8fb68f430aad1ad8188f10090

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
an-x-request-uuid: 681a31a8-f4f6-485f-a55d-79cbba8ade3b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 49ms
48ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881530&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_2&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_2%2Fboingboing_300x250_300x600_Right_2&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80402&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 47ms
44ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881530&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_2&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_2%2Fboingboing_300x250_300x600_Right_2&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80401&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 49ms
47ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881530&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_2&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_2%2Fboingboing_300x250_300x600_Right_2&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80406&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2c1c6cd1145190a9defbe2cfff60d0b24d8e2578d91f7cf91bb19f526a52a91e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 38ms
37ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 56ms
55ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
82 B 38ms
37ms Fetch
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-ny
access-control-allow-headers: *
content-length: 27
cf-ray: 83a750de28644bc3-BUF

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 37ms
37ms Preflight
application/json 172.67.23.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 83a750dde8524bc3-BUF
content-length: 0
content-type: application/json
date: Sun, 24 Dec 2023 08:01:21 GMT
debug: rtd-nx-ny
server: cloudflare

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 8540
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gp...
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3...

2 KB
874 B

58ms
57ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f337a88969f74ebc1ada9b236ece90b3d9e8210f393cd8116c309d1344238858

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a750f1d91c39f2-YYZ
content-encoding: br
content-type: text/html
date: Sun, 24 Dec 2023 08:01:24 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWFXRHkomgwXPdpcTyAlptm6Bw7qZ7j3rsW28Fu%2BlywzY11lZEqmt6SsygTLU51Xnwnum%2FTIegnBr3feuecDSxwJDZfsgXPx08JCi%2BPZg4N39XOjS2fsyOv7qAtYagHjn%2BsYtLZCswuyWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a750f178d139f2-YYZ
content-length: 0
date: Sun, 24 Dec 2023 08:01:24 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrEVWFxgO76d8p48duvZ5zoqZAQ37SNl4VFwJqCllCIiSNvlB%2BUhIkzDHeGbnZF0NCrPC6Wai37sPd9ZGlQrAtX5IrTaSatCY9QmZP8pevwzuTR74D5X8tRl2v1aYJ3hc4jpPRx5aeDEXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 326 B
174 B 79ms
75ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_728x90_320x50_Adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C300x100%7C320x100&ifi=9&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404881600&lmt=1703404072&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D2%26fs_uuid%3D142619b2-769b-4052-a35a-eb91efcd92ef%26floors_id%3D19ab16%26floors_hour%3D20%26fs_placementName%3Dboingboing_728x90_320x50_Adhesion%26fs_ad_product%3DstickyFooter%26fsbid%3D0%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3Df8d2c9f3-7e70-4211-affb-e377405f4766%26freestar_path%3D%252F%26freestar_domain%3Dboingboing.net%26custom_bidder_size%3Dappnexus_728x90%26hb_format%3Dbanner%26hb_adid%3D5614f15b5f28e81e%26hb_bidder%3Dappnexus%26hb_size%3D728x90%26hb_pb%3D0.73&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3134032077&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fd769f687ff945f85577f1df0d9de046ee4e063c46797813a9eb125f063aff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 31ms
31ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:20 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H3 200 auction Show response
s2s.t13.io/openrtb2/ 1 KB
555 B 170ms
170ms Fetch
application/json 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 4687901176012aaf047909d7686e2c6dc12381bdec68086be308a76c47d96b04

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
via: 1.1 google
x-prebid: pbs-java/2.3.0
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 535
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
200 B 33ms
29ms Fetch 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 / Show response
colossusssp.com/ 2 B
142 B 123ms
114ms Fetch
application/json 173.237.69.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 51ms
42ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881674&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_3&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_3%2Fboingboing_300x250_300x600_Right_3&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80402&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 55ms
47ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881674&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_3&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_3%2Fboingboing_300x250_300x600_Right_3&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80401&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 1 KB
1 KB 54ms
46ms Fetch
application/json 34.193.134.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1703404881674&to=600&pubProvidedId=%5B%5D&aun=boingboing_300x250_300x600_Right_3&hadronId=06066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0&criteoId=sO-HAF9TdHB5YTg0eUFqNHVGZFRlaHk3MGZHQXBra2t6ZWlOT2p5dVFSQ0habURsS1NjenNtTVFFSkpwelhzeHBwZUtaUWEzTUJ6M0FBQ2RkSGc4OElhUUs5dyUzRCUzRA&pubcid=0ab4f41d-10b5-4bce-b824-d616dc532d47&tdid=06520073-fb72-4ed5-983e-803febf0635f&gpid=%2F15184186%2Fboingboing_300x250_300x600_Right_3%2Fboingboing_300x250_300x600_Right_3&pv=2f909994-4bb9-470c-9576-20accc930ae6&maxw=300&maxh=600&si=80406&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fnasledard.shokodeal.ru%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.27.0%22%7D&ogu=https%3A%2F%2Fboingboing.net%2F&ns=10240
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.134.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-134-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0b0b965297c64e3dc3533ce3173cc1d9ae668375f1a56120bfe24dfec4fead70

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
7 KB 201ms
199ms Fetch
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

c8961bda8e5d73da9d0723d9aee829ad39698d8f1418aa6db05493c32fc23382

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
an-x-request-uuid: 05b8f08b-9a6b-4c2e-b35a-51f1cd5ae282
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame 2AE4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

69ms
68ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:01:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: HF56W6KBJ2SBC9QXXFFE

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Dec 2023 08:01:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YPF53Y6CX7CDEGT4N8J4

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7AAD
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIaUhFN0xEOHNBQUJiTi1zYWpoZw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://sync.technoratimedia.com/services?uid=AAHiHE7LD8sAABbN-sajhg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3DCCB24E123ADE44AB92F926491896CFED%26att%3D1%26pid%3D82%26cb%3Dhttps%...
https://sync.technoratimedia.com/services?srv=cs&nuid=CCB24E123ADE44AB92F926491896CFED&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partneruserid=AAHiHE7LD8sAABbN-sajhg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5513585797723259336&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAHiHE7LD8sAABbN-sajhg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5513585797723259336%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5513585797723259336&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAHiHE7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHiHE7LD8sAABbN-sajhg&gdpr=0&gdpr_consent=

42 B
199 B

26ms
25ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHiHE7LD8sAABbN-sajhg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Dec 2023 08:01:28 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAHiHE7LD8sAABbN-sajhg&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3 200 setuid Show response
s2s.t13.io/ Frame 20A3 0
14 B 59ms
58ms Document
text/html 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Sun, 24 Dec 2023 08:01:22 GMT
expires: 0
pragma: no-cache
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D41F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iWUHUTvzTSOQUj8FwtVWiQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

31ms
30ms

Image
text/html

23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=150441
accept-ranges: bytes
content-length: 5622
expires: Tue, 26 Dec 2023 01:48:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame D41F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=89650751-3BF3-4D23-9052-3F05C2D55689
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D5242fdf3-107d-47a2-b8fa-e97d01d08b23%252C%252C
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1067000970582424152&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

95 B
124 B

47ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1067000970582424152&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
an-x-request-uuid: 2a8f8615-02d6-4696-a1bc-04c84e6e4c85
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1067000970582424152&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 403 FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame D41F 0
0 382ms
45ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2089650751-3BF3-4D23-9052-3F05C2D55689&rnd=RND
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame D41F
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=89650751-3BF3-4D23-9052-3F05C2D55689&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=89650751-3BF3-4D23-9052-3F05C2D55689&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

39ms
38ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=89650751-3BF3-4D23-9052-3F05C2D55689&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=89650751-3BF3-4D23-9052-3F05C2D55689&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D41F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODk2NTA3NTEtM0JGMy00RDIzLTkwNTItM0YwNUMyRDU1Njg5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

2592ms
30ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D41F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhDzaCJYA712p7RCKhy7Kw&google_cver=1

42 B
346 B

2592ms
29ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhDzaCJYA712p7RCKhy7Kw&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhDzaCJYA712p7RCKhy7Kw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame D41F
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B951624FAB8C4F00B53129B5A511D369
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

43 B
613 B

1193ms
43ms

Image
image/gif

3.225.53.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 3.225.53.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-53-72.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:01:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D41F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=

42 B
332 B

2005ms
26ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:01:21 GMT
server: Kestrel
content-length: 355

GET
H2 200 89650751-3BF3-4D23-9052-3F05C2D55689
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D41F 43 B
602 B 3149ms
41ms Image
image/gif 54.144.174.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/89650751-3BF3-4D23-9052-3F05C2D55689?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.174.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D41F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=89650751-3BF3-4D23-9052-3F05C2D55689&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7AirhihE2uXAeSG0WsrtjbvVKmHinDo-~A&gdpr=0

0
260 B

109ms
25ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7AirhihE2uXAeSG0WsrtjbvVKmHinDo-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7AirhihE2uXAeSG0WsrtjbvVKmHinDo-~A&gdpr=0
date: Sun, 24 Dec 2023 08:01:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame D41F
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5d76d17d2062396&is_secure=true&networkId=17100&version=1&nuid=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABlK4lXBTyYQN6eTnuAAAAAAA&expiration=1703491283&nuid=89650751-3BF3-4D23-9052-3F05C2D55689&...
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=

0
285 B

132ms
39ms

Image
text/plain

3.210.93.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 3.210.93.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-93-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT

Redirect headers

location: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date: Sat, 23 Dec 2023 08:54:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 95
content-type: text/html; charset=utf-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D41F
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8c31b69d-1a38-431e-9d70-8193fead3720&gdpr=0&gdpr_consent=

1 B
315 B

26ms
25ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8c31b69d-1a38-431e-9d70-8193fead3720&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=8c31b69d-1a38-431e-9d70-8193fead3720&gdpr=0&gdpr_consent=
Date: Sun, 24 Dec 2023 08:01:29 GMT
Connection: keep-alive
X-CI-RTID: 0c4ab9af-3f7f-4af6-9735-d0f0420edd22
Content-Length: 205
Content-Type: text/html; charset=utf-8

POST
H2 204 events
bidder.criteo.com/csm/ 0
200 B 32ms
32ms Ping
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 47ms
44ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 59ms
59ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:22 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 129D 170 B
188 B 48ms
44ms Image
image/png 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M3pWMUx3d2xsMXd5U2t0SXZtenk=

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 129D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3zV1Lwwll1wySktIvmzy
https://ads.yieldmo.com/v000/sync?tdid=06520073-fb72-4ed5-983e-803febf0635f

43 B
610 B

43ms
41ms

Image
image/gif

18.209.117.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?tdid=06520073-fb72-4ed5-983e-803febf0635f
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol: H2
Server: 18.209.117.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-117-110.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://ads.yieldmo.com/v000/sync?tdid=06520073-fb72-4ed5-983e-803febf0635f
date: Sun, 24 Dec 2023 08:01:22 GMT
server: Kestrel
content-length: 181

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 129D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3zV1Lwwll1wySktIvmzy
https://dpm.demdex.net/ibs:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

95 B
124 B

47ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

dcs: dcs-prod-usw2-2-v050-05b4d4d19.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: HAHXGVahQuw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 129D
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ads.yieldmo.com/v000/sync?userid=1067000970582424152&pn_id=an

43 B
598 B

43ms
40ms

Image
image/gif

18.209.117.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=1067000970582424152&pn_id=an
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol: H2
Server: 18.209.117.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-117-110.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
an-x-request-uuid: da4b43e6-7874-47e4-81e8-2d263f36355a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.yieldmo.com/v000/sync?userid=1067000970582424152&pn_id=an
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 129D
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://pmp.mxptint.net/sn.ashx?&gdpr=-1&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10E2F3A93_B3AD5E90&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

33ms
33ms

Image
image/gif

38.98.69.175
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe

Protocol

HTTP/1.1

Server

38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-386409683; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:23 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=-386409683; includeSubDomains
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Sun, 24 Dec 2023 08:01:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 2745
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=06520073-fb72-4ed5-983e-803febf0635f&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

37ms
36ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=06520073-fb72-4ed5-983e-803febf0635f&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=06520073-fb72-4ed5-983e-803febf0635f&dongle=0cfd&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:01:22 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 2745
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzA0OTE2NDY1MTg4NjkxMTI1MTEwOQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

32ms
31ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2745
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMwc7zuxsQBUHMbM5b5CGY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

38ms
37ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMwc7zuxsQBUHMbM5b5CGY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEEMwc7zuxsQBUHMbM5b5CGY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2745
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzA0OTE2NDY1MTg4NjkxMTI1MTEwOQ%3D%3D

170 B
188 B

44ms
43ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzA0OTE2NDY1MTg4NjkxMTI1MTEwOQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzA0OTE2NDY1MTg4NjkxMTI1MTEwOQ%3D%3D
date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 2745 0
630 B 1148ms
62ms Image
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3049164651886911251109&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8BE1D8AB37CA4CDBA8AB2E43E840B2A2 Ref B: YTO01EDGE0817 Ref C: 2023-12-24T08:01:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNPNr7XEoj0NbuxSfe7Q==

GET
H2

200

xuid
eb2.3lift.com/ Frame 2745
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3049164651886911251109?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-MXAkxJ1E2oSJVS6IXd0HJM6d5P0qDbvcyVesp3F.gw--~A&dongle=0883

37 B
354 B

34ms
34ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-MXAkxJ1E2oSJVS6IXd0HJM6d5P0qDbvcyVesp3F.gw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 24 Dec 2023 08:01:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-MXAkxJ1E2oSJVS6IXd0HJM6d5P0qDbvcyVesp3F.gw--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 2745
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3049164651886911251109&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=70&user_id=766899071072940048&ssp=triplelift
https://eb2.3lift.com/xuid?mid=2409&xuid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
355 B

1095ms
33ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 24 Dec 2023 08:01:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2745 43 B
363 B 1366ms
31ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 377868
expires: Sun, 24 Dec 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 2745
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=1067000970582424152&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

34ms
33ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=1067000970582424152&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
an-x-request-uuid: 01c145fe-19e7-4640-b3bc-d5e38e2d3a9c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=1067000970582424152&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 2745 43 B
1 KB 39ms
36ms Image
image/gif 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3049164651886911251109

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
an-x-request-uuid: 4298255b-3e31-449e-a3d8-bec8642d7703
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
282 B 6680ms
123ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

c4257748e4ed71d2f76d51cd34872ff1c2ce1b5142b89486b7ec7187e7dadc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 337 B
172 B 77ms
76ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_728x90_970x90_970x250_320x50_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=10&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404882457&lmt=1703404072&adxs=315&adys=216&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=984x287&msz=984x272&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D2%26fs_uuid%3D5434a174-8abf-461e-8cf1-8de0e4788f1d%26floors_id%3D14294e%26floors_hour%3D20%26fs_placementName%3Dboingboing_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26fsbid%3Dtimeout%26amznbid%3D2%26amznp%3D2&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3144564924&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d9454d5eeec46f4da2181501822a53eaaae4124beb536d499c745559855a558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%2...
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3464064835721631000V10

86 B
115 B

46ms
45ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3464064835721631000V10
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 24 Dec 2023 08:01:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3464064835721631000V10
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Sun, 24 Dec 2023 08:01:24 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 45ms
43ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 45ms
45ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:22 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 328 B
167 B 89ms
88ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_300x250_300x600_Right_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&ifi=11&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404882876&lmt=1703404072&adxs=978&adys=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=304x622&msz=304x622&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D2%26fs_uuid%3Db3b1f795-cf27-432a-a190-81ab7086c303%26floors_id%3Dc300b1%26floors_hour%3D20%26fs_placementName%3Dboingboing_300x250_300x600_Right_2%26fs_ad_product%3Dbanner%26fsbid%3D0%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3Dca209314-8969-4528-840e-0ec8078c52d5%26freestar_path%3D%252F%26freestar_domain%3Dboingboing.net%26custom_bidder_size%3Dappnexus_300x250%26hb_format%3Dbanner%26hb_adid%3D614adc1ab62c1ae2%26hb_bidder%3Dappnexus%26hb_size%3D300x250%26hb_pb%3D1.34&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=3541013931&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555ffb359054e16a584c96605f8d9b727d55dac7abe9c3130ab18add37fd9eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 liveView.php
live.primis.tech/live/ 0
345 B 41ms
39ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE1NwA1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt3ZTU1MDNyOTY3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0kJzNwpGFDo25mZW50PTEgLS0zY2J1p3Rypw0kNmAmNDA0ODtmMDQmJaVcZD1TZWgcozRiU1BfYXyypwY1ODqyNTUjNzI1YTEzpHVvVXJfPWu0qHBmJTNBJTJGJTJGozFmoGVxYXJxLaNbo2giZGVuoC5lqSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXEzpHucZD01NzY2NTqwODQ4Y2Q1OWNyZzJzYmI1ZTMlYwZvNwQ5Nt==
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:22 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JWzOgxS0HW0TmAky0wEGFzBS0hxB71fQQWUiizGwymwQEatJROjCtg==

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 45ms
44ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 44ms
43ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:23 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 328 B
168 B 80ms
79ms Fetch
text/plain 142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3722609924732315&correlator=3900152569402108&eid=44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=15184186%3A6203160%2Cboingboing_300x250_300x600_Right_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C120x600%7C300x250&ifi=12&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Da72d2249cd077eed%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MYfKGHR0GRW6Zv8mcRiSAdgP4zieg&gpic=UID%3D00000a048fc03459%3AT%3D1703404878%3ART%3D1703404878%3AS%3DALNI_MbMhnz73m7xkVzfsktyD6OXA9V26g&abxe=1&dt=1703404883175&lmt=1703404072&adxs=978&adys=1556&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&vis=1&psz=304x622&msz=304x622&fws=512&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=136449026.1703404876&ga_sid=1703404879&ga_hid=1014653869&ga_fc=true&dlt=1703404875509&idt=2348&prev_scp=fsrefresh%3D0%26fsrebid%3D2%26fs_uuid%3D65c1de76-dce1-40e9-8f53-972e85462578%26floors_id%3D94b49d%26floors_hour%3D20%26fs_placementName%3Dboingboing_300x250_300x600_Right_3%26fs_ad_product%3Dbanner%26fsbid%3D0%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26hb_auction_id%3D7951c73d-bfdf-42e1-b789-c5eb2860e887%26freestar_path%3D%252F%26freestar_domain%3Dboingboing.net%26custom_bidder_size%3Dappnexus_300x600%26hb_format%3Dbanner%26hb_adid%3D6166a641ceae76c7%26hb_bidder%3Dappnexus%26hb_size%3D300x600%26hb_pb%3D0.88&cust_params=fsitf%3DYYYYYYYYYY------------------------------%26fs_session_id%3D27636239-b943-4a4e-a04f-0e943f029918%26fs_pageview_id%3D75b8ca3955a70fd0b256d94d37239f58%26user-agent%3DChrome%26testGroup%3Dfdb500daf1dc11ef085938ddb39ba30e%26fs_iiq_enabled%3Dtrue%26floors_user%3D1%26floors_rtt%3D28%26fs_clientservermask%3D221333333233333232112%26fs_testgroup%3Doptimised&adks=1088460337&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73568d9650a32f10073e2d0bf89baa215a8c0049bd3b88816f5b94fc3566aa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58827/sync?redir=true&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-MifaKW5E2uJyaqqKKO5MF8f6YD7llsAH~A

86 B
115 B

45ms
44ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-MifaKW5E2uJyaqqKKO5MF8f6YD7llsAH~A
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:23 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

location: https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-MifaKW5E2uJyaqqKKO5MF8f6YD7llsAH~A
date: Sun, 24 Dec 2023 08:01:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 44ms
43ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:23 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 46ms
45ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:23 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd

86 B
115 B

51ms
50ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Location: https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
Date: Sun, 24 Dec 2023 08:01:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D41F 0
48 B 37ms
24ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 46ms
44ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 44ms
43ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:24 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C327 5 KB
6 KB 26ms
25ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10196625&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 2a38c2a5bb5e5d22dafaaa3f6734533a884ffdae086e41052f9192bfa548ac5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 08:01:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

/ Show response
ce.lijit.com/beacon/prebid-server/ Frame 7604
Redirect Chain

https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%...

2 KB
1 KB

2426ms
34ms

Document
text/html

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: ef4ea74dd180abcb53a2dcca80e4cd6f362f9a8930753f3c8e608aa59cfa5c7a

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding: gzip
Content-Length: 766
Content-Type: text/html
Date: Sun, 24 Dec 2023 08:01:26 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
Vary: Accept-Encoding, User-Agent
X-Sovrn-Pod: ad_ap3dca1

Redirect headers

Content-length: 0
Location: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID

GET
H2

200

sync Show response
sync-pm.ads.yieldmo.com/ Frame 3286
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1067000970582424152&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

43 B
613 B

1197ms
44ms

Document
image/gif

3.225.53.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.53.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-53-72.compute-1.amazonaws.com
Software: /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Sun, 24 Dec 2023 08:01:25 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 24 Dec 2023 08:01:23 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 4E5C 0
267 B 12745ms
42ms Document
image/gif 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Sun, 24 Dec 2023 08:01:37 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: c

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 987C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

51ms
51ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYflVAAJQ5kLrwBU
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Sun, 24 Dec 2023 08:01:24 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4556-YYZ
x-timer: S1703404885.527799,VS0,VE20

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Sun, 24 Dec 2023 08:01:24 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZYflVAAJQ5kLrwBU
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yyz4556-YYZ
x-timer: S1703404884.475037,VS0,VE21

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 2912
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=36b5e0d6-f1a9-4c45-9ebe-a704f0fe01cf&ssp=pubmatic&gdpr=0
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
0

30ms
29ms

Document
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Sun, 24 Dec 2023 08:01:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 24 Dec 2023 08:01:24 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

sync Show response
sync-pm.ads.yieldmo.com/ Frame 5F25
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=L2roZ3xq5WA0PeZkemv9aX085mE0a-AxLGhtD3jK
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

43 B
613 B

1193ms
41ms

Document
image/gif

3.225.53.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.53.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-53-72.compute-1.amazonaws.com
Software: /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Sun, 24 Dec 2023 08:01:25 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 24 Dec 2023 08:01:24 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET bridge
cm.adgrx.com/ Frame F3B3 0
0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame DC93
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
418 B

114ms
103ms

Document
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 83a7511fcf3aa1da-YYZ
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 83a7511f1ecea1da-YYZ
content-type: text/html
date: Sun, 24 Dec 2023 08:01:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 2200

GET
H2

200

sync Show response
sync-pm.ads.yieldmo.com/ Frame BE38
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=969470221362856718
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D89650751-3BF3-4D23-9052-3F05C2D55689%26gdpr%3D0%26gdpr_consent%3...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

43 B
614 B

1162ms
40ms

Document
image/gif

3.225.53.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.53.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-53-72.compute-1.amazonaws.com
Software: /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Sun, 24 Dec 2023 08:01:25 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 24 Dec 2023 08:01:22 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AA50
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-VseCc0jUpxV70YNFp8ifGuvZsA&gdpr=0&gdpr_consent=

42 B
525 B

600ms
22ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-VseCc0jUpxV70YNFp8ifGuvZsA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Sun, 24 Dec 2023 08:01:27 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-VseCc0jUpxV70YNFp8ifGuvZsA&gdpr=0&gdpr_consent=

GET pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A659 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7A77
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RtHr2DBw1Rhjqy5&gdpr=0&gdpr_consent=

42 B
221 B

26ms
25ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RtHr2DBw1Rhjqy5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 24 Dec 2023 08:01:38 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RtHr2DBw1Rhjqy5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-07acfe1844a059670@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame DD21 43 B
362 B 44ms
24ms Document
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 08:01:23 GMT
expires: Sun, 24 Dec 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 401887
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET pubmatic
ad.mrtnsvr.com/sync/ Frame 94EA 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D636
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU541a835bedef4c8d900f0cc19e6264a4

42 B
278 B

27ms
25ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU541a835bedef4c8d900f0cc19e6264a4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU541a835bedef4c8d900f0cc19e6264a4
pragma: no-cache
server: Tengine

GET tum
ums.acuityplatform.com/ Frame 3E34 0
0

GET /
csync.loopme.me/ Frame 62F2 0
0

GET img
sync.mathtag.com/sync/ Frame CB9B 0
0

GET pubmatic
gocm.c.appier.net/ Frame 4A29 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B0A1
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://ad.turn.com/r/cs?pid=45&rndcb=7370720806
https://sync.1rx.io/usersync/turn/3721385948713308019?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005

42 B
334 B

600ms
24ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Sun, 24 Dec 2023 08:01:27 GMT
etag: RX8ab9fef8c33c434a99694f3f0c4f4f99005
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET cm
ipac.ctnsnet.com/int/ Frame EB72 0
0

GET cookiesync
core.iprom.net/ Frame 3F92 0
0

GET pub
matching.truffle.bid/sync/ Frame EC6F 0
0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D2A7
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B951624FAB8C4F00B53129B5A511D369&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
0

29ms
28ms

Document
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,max-age=86400
date: Sun, 24 Dec 2023 08:01:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 24 Dec 2023 08:01:24 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET epm
px.owneriq.net/ Frame F8AD 0
0

GET
H3

200

ProfilesEngineServlet Show response
sync.intentiq.com/profiles_engine/ Frame DAFC
Redirect Chain

https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=89650751-3BF3-4D23-9052-3F05C2D55689
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689

43 B
864 B

40ms
38ms

Document
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 24 Dec 2023 08:01:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma: no-cache
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-id: f6MhTiiKw29S_ywkZde9KTmUvQPxiHyM4ARQDu2g37fkTNpgDGDVDg==
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront

Redirect headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-store
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:24 GMT
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
x-amz-cf-id: 4u0Rv7redgLCrpRwBQRS4Ukgo0aXCW7D5Y0bv3pJ5vEIv8q1GqCmJg==
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront

GET insync
thrtle.com/ Frame C327 0
0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame C327
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=540245193&val=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

43 B
61 B

47ms
47ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET Martin
crb.kargo.com/api/v1/dsync/ Frame C327 0
0

GET sync
sync.bfmio.com/ Frame C327 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C327
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=

1 B
220 B

1358ms
26ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C327
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=

42 B
342 B

27ms
25ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C327
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=872373289210744526

42 B
319 B

27ms
24ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=872373289210744526
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=872373289210744526
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame C327 0
0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D41F 692 B
1003 B 28ms
26ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83615311&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 554a88680807ccea0dcb27221858c009543a15082620aa9cfc7dfadb21eee703

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 24 Dec 2023 08:01:23 GMT
content-length: 692
content-type: text/html; charset=UTF-8

GET
H3 200 setuid Show response
s2s.t13.io/ Frame 4692 0
14 B 47ms
44ms Document
text/html 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Sun, 24 Dec 2023 08:01:24 GMT
expires: 0
pragma: no-cache
via: 1.1 google

GET
H2 200 syncMe
synchroscript.deliveryengine.adswizz.com/ Frame D41F 0
203 B 7266ms
42ms Image
text/plain 18.238.55.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-37.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:31 GMT
via: 1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P4
content-length: 0
x-amz-cf-id: KRyeZLtl-NuUjHVFyCjYTLSP1oUdaTqa4IVLcdWmdIBZXaMDZNLxgQ==
x-cache: Error from cloudfront

GET

/
p.adsymptotic.com/d/px/ Frame D41F
Redirect Chain

https://idsync.rlcdn.com/712188.gif?partner_uid=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDg5NjUwNzUxLTNCRjMtNEQyMy05MDUyLTNGMDVDMkQ1NTY4ORAAGg0I2MqfrAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=c1251b47bb1d3dc31e5508b07fb6870f97c7f9374eca716327564680f787450e791426b5417dce21&_=2
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=05113914

0
0

GET
H2

200

gdpr_consent=
bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/ Frame D41F
Redirect Chain

https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/gdpr_consent=
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/gdpr_consent=

49 B
264 B

49ms
49ms

Image
image/gif

34.225.234.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Server: 34.225.234.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-234-246.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.13.67
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:31 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=89650751-3BF3-4D23-9052-3F05C2D55689/gdpr=0/gdpr_consent=
cache-control: no-cache
x-server: 10.40.54.119
content-length: 0
expires: 0

GET
H3 200 receive
pixel.tapad.com/idsync/ex/ Frame D41F 95 B
124 B 49ms
46ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=89650751-3BF3-4D23-9052-3F05C2D55689&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 44ms
43ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.2.5/analytics.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 7f290a8994f2df2dcd627bf8e21448315db2c5fba3b88558eb9ab91f531baf7a

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H3 200 c
c.pub.network/v2/ Frame 0
0 47ms
46ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nasledard.shokodeal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:24 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2

200

sync
pippio.com/api/ Frame 8540
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYflVG8tfarUEZN0xqK2lwAA%261263&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYflVG8tfarUEZN0xqK2lwAA%261263&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8eac0a2b848d4c4b9b94f1afde794591
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8eac0a2b-848d-4c4b-9b94-f1afde794591
https://p.rfihub.com/cm?pub=39342&in=1&userid=890f50b9-8691-42a0-8394-8d10ad39a0ce%3A1703404885.1611774&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D890f50b9-8691-42a0...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969470221362856718&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D890f50b...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=890f50b9-8691-42a0-8394-8d10ad39a0ce%3A1703404885.1611774&pid=500040&it=1&iv=890f50b9-8691-42a0-8394-8d10ad39a0ce%3A1703404885.1611774&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1703404885.1631556&iv=890f50b9-8691-42a0-8394-8d10ad39a0ce:1703404885.1611774

42 B
570 B

1361ms
54ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1703404885.1631556&iv=890f50b9-8691-42a0-8394-8d10ad39a0ce:1703404885.1611774
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1703404885.1631556&iv=890f50b9-8691-42a0-8394-8d10ad39a0ce:1703404885.1611774
Date: Sun, 24 Dec 2023 08:01:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8540
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYflVG8tfarUEZN0xqK2lwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMxdI-DC-KsOlSiSZ_lxMWQ&google_cver=1

43 B
768 B

61ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMxdI-DC-KsOlSiSZ_lxMWQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlJbWzlLoDTSzU6O2YTtl8EnYqldetnGqYpLWdeJUfcPBliRVbRy1BbRaLBmLgh5PrRuKRqHzYDghnizwqzcN0lZZmE72l8ZRPePPYCrXPWcyVNooOZSmIKO1eEZ9WOQ6v%2FIWNgX1X3%2Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a750f2f9545407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMxdI-DC-KsOlSiSZ_lxMWQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 8540
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06520073-fb72-4ed5-983e-803febf0635f&expiration=1705996884&gdpr=0&gdpr_consent=

43 B
396 B

57ms
57ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06520073-fb72-4ed5-983e-803febf0635f&expiration=1705996884&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=op1AWLY1xIQw7wgoPrt0UTxtQNwrlvRqwVPsqvF1Fm0gZy0aLhMxlF9sNooHy5j9EByHBObEjNMtV5l%2Be4sVQ8GT6AIOEIigS05SBIJXKyE4qna3LUp2NtYaZW%2Ff8IM%2Bd0rDeLBcst4e9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a750f2a99239f2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06520073-fb72-4ed5-983e-803febf0635f&expiration=1705996884&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:01:24 GMT
server: Kestrel
content-length: 323

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 8540 43 B
479 B 44ms
42ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WYSNGVH6X3WEYB4D8ZH2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 8540
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470221362856718

43 B
390 B

54ms
54ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470221362856718
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlDWjeLryIbtkaJzsviuT9VsgleTFbSf7b%2B8drcYLIK%2B42kwEq6yajJGSmlYQElxSAB4nBAGLC37jWh2YqXcFSmv%2BXmvYpYSJ61uZPtoonDVCCqipN%2F%2FayWKLvo2gN7Bodo%2B0cbP9Bo33w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a750f2897f39f2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969470221362856718
Date: Sun, 24 Dec 2023 08:01:24 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8540
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB

43 B
600 B

123ms
43ms

Image
image/gif

54.144.174.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB

Requested by

Protocol

Server

54.144.174.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB
date: Sun, 24 Dec 2023 08:01:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rum
dsum.casalemedia.com/ Frame 8540
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=42d100b86a5e05f5&is_secure=true&networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABsXUNkSdzPQM_baM7AAAAAAA&expiration=1703491284&is_secure=true

43 B
631 B

77ms
55ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABsXUNkSdzPQM_baM7AAAAAAA&expiration=1703491284&is_secure=true
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsCJosDMtUA8NO8fj03YUj1wdq4Pux67KBgIz3DizMjsiVumsqOU29zsqLeZR9wyJho2NHgtkRRHFcEF1vlaZdymDqDFxA6pIoZHZ62ePeMqtjPYe9j93s9LPGeNCSaTc5yz9lXu"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a750f35a0b39f2-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABsXUNkSdzPQM_baM7AAAAAAA&expiration=1703491284&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8540
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-VseCc0jUpxV70YNFp8ifGuvZsA

43 B
730 B

62ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-VseCc0jUpxV70YNFp8ifGuvZsA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNeIoAwZJXM3lhwQLegWqkQHtMx97eWdGrtXXUU6bzsB2NcHMIVIcHkiviYKFT1Ysx5Rxcy6%2FS8Mt27zyJA8nBOTmlzIP%2FQ1FpXHM621klNfdCU2lp2kuDHQImmFfMQselzz5p0Y7zTHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a75103de925407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-VseCc0jUpxV70YNFp8ifGuvZsA
Date: Sun, 24 Dec 2023 08:01:27 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H3 200 setuid
s2s.t13.io/ Frame 8540 0
14 B 45ms
44ms Image
text/html 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?gpp=&gpp_sid=&gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=ZYflVG8tfarUEZN0xqK2lwAA%261263
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=&C=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:24 GMT
via: 1.1 google
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame 70C1 135 B
423 B 343ms
110ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 70C1 152 B
908 B 1182ms
63ms XHR
application/json 52.206.155.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.155.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-155-140.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b1466bb1c247c429069472309bcf6585fdaaced9ca68edb4f7ee9b7f637e533c

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-cache
x-server: 10.40.54.238
access-control-allow-credentials: true
content-length: 152
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 70C1 108 B
789 B 49ms
49ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: d26aeed4d8e3976ca0f55403eb44ddc2c277f732c7860e5da0ff378809e6912f

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Dec 2023 08:01:25 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 23 Jan 2024 08:01:25 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 755E 281 B
555 B 122ms
31ms Document
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Dec 2023 08:01:25 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7D95 16 KB
6 KB 29ms
28ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696&us_privacy=1---
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://nasledard.shokodeal.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=150437
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:01:25 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8AE9 45 KB
13 KB 52ms
32ms Script
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 08:01:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2023 12:00:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14269
Connection: keep-alive
Content-Length: 13200
Expires: Sun, 24 Dec 2023 11:59:14 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 755E 45 KB
13 KB 56ms
32ms Script
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: be83801fd53ef45d38bfb1e55dde6f0a0b95a833e57320d2b9b0bdc338d6a349

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 24 Dec 2023 08:01:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2023 12:00:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14269
Connection: keep-alive
Content-Length: 13200
Expires: Sun, 24 Dec 2023 11:59:14 GMT

GET
H3

200

setuid
s2s.t13.io/
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%2...
https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=465f9c0b-c13d-4108-9e74-edb29105c1bd

86 B
115 B

48ms
46ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=465f9c0b-c13d-4108-9e74-edb29105c1bd
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

location: https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=465f9c0b-c13d-4108-9e74-edb29105c1bd
date: Sun, 24 Dec 2023 08:01:25 GMT
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 8AE9 7 B
829 B 159ms
32ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 9a0c641c0479142b55591fdf2031b15f
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 755E 7 B
841 B 164ms
33ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: f69a50991384d09413b97a37bb74928b
Expires: 0

GET v1
lb.eu-1-id5-sync.com/lb/ Frame 70C1 0
0

POST
H3 200 liveMatching.php Show response
live.primis.tech/live/ Frame 70C1 0
377 B 84ms
51ms XHR
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveMatching.php
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D31322D32345F31307D7B7331373235393130357D7B4333307D7B53626D467A6247566B59584A6B4C6E4E6F623274765A4756686243357964513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593237327D7B66317D7B4C383938317DFEFE&userIpAddr=107.175.102.192&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.109+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21freestar.com%2C551%2C1&noViewableMidrollPolicy=off&isDoublePreroll=1&autoSkipVideoSec=22&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1703404880&csuuid=6587e5503e967&debugInfo=17259105_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=17259105&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d58gkyqxnth&secondaryContent=&x=400&y=272&pubUrl=https%3A%2F%2Fnasledard.shokodeal.ru%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=105&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=0&gdprConsent=&contentFeedId=&geoLati=42.8856&geoLong=-78.8736&vpTemplate=8981&flowMode=seenboth&isRealPreroll=0&playerApiId=freestarPrimisPlayer&isApp=0&ccpa=1&ccpaConsent=1---&subId=&appName=&appBundleId=https%3A%2F%2Fnasledard.shokodeal.ru%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
content-encoding: gzip
via: 1.1 08c43f80b07f0023f38f7f0e417359b4.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MGknewjOKQyq3TjoqG3mnXWZwGbvoH41wsR-ed2qPOoMqQ8fVztbjQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8AE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LQJ7ADLP-26-FVG8&ex=d-rubiconproject.com&status=ok

43 B
479 B

73ms
52ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LQJ7ADLP-26-FVG8&ex=d-rubiconproject.com&status=ok

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 24846EJZG8TJ5JRZ9Y34
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LQJ7ADLP-26-FVG8&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8AE9
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ7ADLP-26-FVG8

0
142 B

65ms
65ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ7ADLP-26-FVG8
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5235AE84AF3D43E0A54DABB0772063CA Ref B: YTO01EDGE0817 Ref C: 2023-12-24T08:01:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNPNsfiQzuEuygAMr8WA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQJ7ADLP-26-FVG8
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 382e2818ca015d35b02cd449aa60881d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AE9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyNzFkNzU2NGNiMDBhZTA2ZDEwNjY3OTNmMjFjYjMzYmY5YWQyMQ

170 B
188 B

43ms
43ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyNzFkNzU2NGNiMDBhZTA2ZDEwNjY3OTNmMjFjYjMzYmY5YWQyMQ

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmIyNzFkNzU2NGNiMDBhZTA2ZDEwNjY3OTNmMjFjYjMzYmY5YWQyMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 29af2665c43893332e84c235bac366c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8AE9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Y4b3Sh_gA5BV6yIvktLF-8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NWsJx6FE2oKHHn3Npnk7g4s534NcK_boMJGn0w--~A

42 B
928 B

138ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NWsJx6FE2oKHHn3Npnk7g4s534NcK_boMJGn0w--~A
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 24 Dec 2023 08:01:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NWsJx6FE2oKHHn3Npnk7g4s534NcK_boMJGn0w--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AE9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFKN0FETFAtMjYtRlZHOA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJki8C5TC1DKE8Ig-NqS0Gg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKN0FETFAtMjYtRlZHOA==&google_push=

170 B
188 B

44ms
43ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKN0FETFAtMjYtRlZHOA==&google_push=

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFKN0FETFAtMjYtRlZHOA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8AE9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKHntigEaXjvIisQodLJVH8&google_cver=1

42 B
928 B

120ms
35ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKHntigEaXjvIisQodLJVH8&google_cver=1
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ffef7c53154b04a892ce1f9531c32cb1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKHntigEaXjvIisQodLJVH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 8AE9 43 B
855 B 395ms
181ms Image
image/gif 52.94.220.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KM0T135HWYRR9KA444D1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8AE9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PaVOQ6c8ThKs-SiNlVPV3g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PaVOQ6c8ThKs-SiNlVPV3g

43 B
479 B

2104ms
36ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PaVOQ6c8ThKs-SiNlVPV3g

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NYDBQEQ26VGFC79MV89C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PaVOQ6c8ThKs-SiNlVPV3g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8AE9
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=&expires=30

42 B
928 B

147ms
30ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ffef7c53154b04a892ce1f9531c32cb1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=&expires=30
date: Sun, 24 Dec 2023 08:01:25 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8AE9
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiHE7LD8sAABbN-sajhg&expires=30

42 B
928 B

123ms
36ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiHE7LD8sAABbN-sajhg&expires=30
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAHiHE7LD8sAABbN-sajhg&expires=30
Date: Sun, 24 Dec 2023 08:01:25 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET

pixel
capi.connatix.com/us/ Frame 8AE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LQJ7ADLP-26-FVG8&pId=11&gdpr=&gdpr_consent=&us_privacy=

0
0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 8AE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8

43 B
664 B

1161ms
36ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:26 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
Expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 8AE9
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ7ADLP-26-FVG8

95 B
124 B

46ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ7ADLP-26-FVG8

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

a23-40-179-71.deploy.static.akamaitechnologies.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQJ7ADLP-26-FVG8
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: af308bb17a856a105b8c87aaae7d7f8c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 8AE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ7ADLP-26-FVG8

68 B
279 B

43ms
43ms

Image
image/png

34.227.128.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ7ADLP-26-FVG8
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 34.227.128.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-128-134.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQJ7ADLP-26-FVG8
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: eea754ae2ea80a3b4eb2fcf35349058a
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 8AE9
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQJ7ADLP-26-FVG8&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQJ7ADLP-26-FVG8&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JTzk5anF0RTJ1RV9PRk5ZZzExMkFoaEtFaXVDWHNCU35B&ovsid=LQJ7ADLP-26-FVG8&dpid=58160

57 B
650 B

3191ms
62ms

Image
image/gif

23.40.179.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JTzk5anF0RTJ1RV9PRk5ZZzExMkFoaEtFaXVDWHNCU35B&ovsid=LQJ7ADLP-26-FVG8&dpid=58160

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

23.40.179.71 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 24 Dec 2023 08:01:29 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sun, 24 Dec 2023 08:01:29 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JTzk5anF0RTJ1RV9PRk5ZZzExMkFoaEtFaXVDWHNCU35B&ovsid=LQJ7ADLP-26-FVG8&dpid=58160
date: Sun, 24 Dec 2023 08:01:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8AE9
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f7df25a-1df4-45ee-a4e6-084e00db2fb8&expires=30

42 B
940 B

30ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f7df25a-1df4-45ee-a4e6-084e00db2fb8&expires=30
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=7f7df25a-1df4-45ee-a4e6-084e00db2fb8&expires=30
Date: Sun, 24 Dec 2023 08:01:29 GMT
Connection: keep-alive
X-CI-RTID: 0cf71ce7-e1fc-4928-8bfc-46f2cbf58d54
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H3

200

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1---
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQJ7ADLP-26-FVG8&us_privacy=1---
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7ADLP-26-FVG8

43 B
863 B

37ms
36ms

Image
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7ADLP-26-FVG8
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: bfwZU671Oz6HiR_8aKhRwlohataPuRP_6BDCDjJyDodwlQf0ILSPsA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=utf-8
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQJ7ADLP-26-FVG8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _ZFcN4X-xXnJuIg2YoUsX12LPXCHW3bXWwgX_hGwmsvn84VifN_OZA==

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
https://prebid.a-mo.net/setuid/magnite?uid=LQJ7ADLP-26-FVG8&us_privacy=1---

0
449 B

3156ms
45ms

Image
text/plain

147.28.129.140
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LQJ7ADLP-26-FVG8&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:28 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LQJ7ADLP-26-FVG8&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 574abe46412f7df61ec8713ff1a5b646
Expires: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---

43 B
1 KB

33ms
32ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-3-130-164-37.us-east-2.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
an-x-request-uuid: ba9dcb8f-a482-4cdf-92da-b22c4a9bb8a5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e07703167439847c6c49a939083c0fd
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1164&us_privacy=1---
https://c1.adform.net/serving/cookie/match?CC=1&party=1164&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6759941563391600214

42 B
940 B

30ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6759941563391600214
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=6759941563391600214
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=1b816740-afaa-472b-84d1-bb5ea3d8a965&us_privacy=1---

42 B
940 B

166ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=1b816740-afaa-472b-84d1-bb5ea3d8a965&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: eea754ae2ea80a3b4eb2fcf35349058a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=1b816740-afaa-472b-84d1-bb5ea3d8a965&us_privacy=1---
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 953623
content-length: 0
expires: Sun, 24 Dec 2023 00:00:00 GMT

GET
H2

204

Rubicon
s.seedtag.com/cs/cookiesync/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1---
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ7ADLP-26-FVG8&us_privacy=1---

0
284 B

109ms
34ms

Image
text/plain

34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ7ADLP-26-FVG8&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:25 GMT
via: 1.1 google
access-control-allow-credentials: true
server: openresty
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQJ7ADLP-26-FVG8&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=14&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-VseCc0jUpxV70YNFp8ifGuvZsA

42 B
940 B

30ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-VseCc0jUpxV70YNFp8ifGuvZsA
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=-VseCc0jUpxV70YNFp8ifGuvZsA
Date: Sun, 24 Dec 2023 08:01:27 GMT
Connection: keep-alive
Content-Length: 121
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=95862dc0-a378-44f6-8137-4c9e8e3ec4d7

42 B
928 B

165ms
31ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=95862dc0-a378-44f6-8137-4c9e8e3ec4d7
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9e7742894a018a40b59a2ed2117c85b5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername: Track004-iad
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:01 GMT
strict-transport-security: max-age=31536000;
content-type: text/html; charset=utf-8
location: https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=95862dc0-a378-44f6-8137-4c9e8e3ec4d7
cache-control: private,no-cache
content-length: 223
expires: -1

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://ad.turn.com/r/cs?pid=6&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3721385948713308019&expires=60&gdpr=&gdpr_consent=

42 B
940 B

29ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3721385948713308019&expires=60&gdpr=&gdpr_consent=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3721385948713308019&expires=60&gdpr=&gdpr_consent=
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1067000970582424152&expires=30&us_privacy=1---

42 B
940 B

179ms
29ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1067000970582424152&expires=30&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9e7742894a018a40b59a2ed2117c85b5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
an-x-request-uuid: 481e90d9-b59a-462a-bbb0-e3c5daba142b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=1067000970582424152&expires=30&us_privacy=1---
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://sync.1rx.io/usersync2/rubicon?us_privacy=1---
https://sync.targeting.unrulymedia.com/csync/RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-8ab9fef8-c33c-43...
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005&expires=30&us_privacy=1---

42 B
940 B

158ms
30ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005&expires=30&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-8ab9fef8-c33c-434a-9969-4f3f0c4f4f99-005&expires=30&us_privacy=1---
date: Sun, 24 Dec 2023 08:01:25 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8ab9fef8c33c434a99694f3f0c4f4f99005
content-type: text/html

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame 755E
Redirect Chain

https://id.rlcdn.com/709414.gif?us_privacy=1---
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

126ms
32ms

Image
text/plain

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 29af2665c43893332e84c235bac366c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 24 Dec 2023 08:01:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

setuid
s2s.t13.io/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&us_privacy=1---
https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---

86 B
115 B

49ms
48ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s2s.t13.io/setuid?bidder=rubicon&uid=LQJ7ADLP-26-FVG8&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 44e748b6247b033344ab4f6b8c0f8cbb
Expires: 0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&us_privacy=1---
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQJ7ADLP-26-FVG8&name=RUBICON&us_privacy=1---

49 B
385 B

1170ms
39ms

Image
image/gif

3.130.164.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQJ7ADLP-26-FVG8&name=RUBICON&us_privacy=1---

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

3.130.164.37 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:27 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 1
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 3
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQJ7ADLP-26-FVG8&name=RUBICON&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 755E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&us_privacy=1---
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&expires=360&gdpr=0&gdpr_consent=

42 B
940 B

32ms
31ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&expires=360&gdpr=0&gdpr_consent=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 82a6cabd8b3f0d2d2ae6e86e2699f0ba
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:32 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&expires=360&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame 755E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---
https://ssc-cms.33across.com/ps/?xi=1&xu=LQJ7ADLP-26-FVG8&us_privacy=1---
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ7ADLP-26-FVG8&ts=1703404886&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---

68 B
216 B

97ms
33ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ7ADLP-26-FVG8&ts=1703404886&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:26 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:25 GMT
referrer-policy: unsafe-url
server: 33XP011
x-33x-status: 8000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LQJ7ADLP-26-FVG8&ts=1703404886&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C327 0
128 B 26ms
24ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159196&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 118ms
53ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 08:01:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
327 B 123ms
42ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1684090
x-guploader-uploadid: ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyMrKa6Al5i5du8jkOYRPele4V4A10o18%2FUOYnazKtMr%2BKTXn2WMiVw%2F%2FXJG0SIohTMp%2ByGBedIUUfb69Fdg0iGabE2fNke3zVElVDc0nvWzZGxCqyVcP4f3nXE0phNUrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 83a750fd0feca247-YYZ
expires: Mon, 04 Dec 2023 21:10:57 GMT

GET favicon.ico
ad.doubleclick.net/ 0
0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
901 B 118ms
39ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8574490187970971
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1684090
x-guploader-uploadid: ABPtcPq4NT1ZuvVThBw6ycEphJ3ygn-xPkVcUycFebBzSRGYP7sJSkF_rRbB8FBgNRCWqsxsh7Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dF%2Bi08dxlBtpVrPrmLQTMo5eEhIX1pKOsITG2CKFMNt53VNcQCEO53LYLU7Q%2BP8qWjqH5ykJ4ChD4Phs0jAT6pRXuPiVmJVLWQbIyONEATqS0BYrvBURYHnYPO8xeqVyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 83a750fd0feaa247-YYZ
expires: Mon, 04 Dec 2023 21:10:57 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D41F 0
260 B 1344ms
25ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 setuid
s2s.t13.io/ Frame 7604 0
14 B 57ms
56ms Image
text/html 34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=H36BjLZHD0I_8YN-TemHg7ic&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:26 GMT
via: 1.1 google
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7604
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Dad2031...
https://ce.lijit.com/merge?pid=16&3pid=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=

43 B
2 KB

35ms
34ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:34 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 24 Dec 2023 08:01:34 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ce.lijit.com/merge?pid=16&3pid=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs.minutemedia-prebid.com/ Frame 7604
Redirect Chain

https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?pid=562769&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fcs.krushmedia.com%2F6829e4c09c04a0b5e4044d4285b718db.gif%3Fpuid%3D%25%25VGUID%25%25
https://cs.krushmedia.com/6829e4c09c04a0b5e4044d4285b718db.gif?puid=Ebtx9v6avFz1&ev=1&us_privacy=${us_privacy}&pid=562769
https://cs.minutemedia-prebid.com/cs?aid=21498&id=9b176146-0475-543f-b62b-17e637b89527

0
319 B

148ms
37ms

Image
application/javascript

3.222.121.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.minutemedia-prebid.com/cs?aid=21498&id=9b176146-0475-543f-b62b-17e637b89527
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Server: 3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-121-73.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:28 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://ce.lijit.com/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:28 GMT
Server: nginx
Location: https://cs.minutemedia-prebid.com/cs?aid=21498&id=9b176146-0475-543f-b62b-17e637b89527
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7604
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=KTsYfKF5Hx0Y0On6qevhkixyEShB4ZgndQtvZPJLtek&pi=sovrn&gdpr=0&gdpr_consent=&tc=1

43 B
2 KB

37ms
36ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=KTsYfKF5Hx0Y0On6qevhkixyEShB4ZgndQtvZPJLtek&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:28 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=KTsYfKF5Hx0Y0On6qevhkixyEShB4ZgndQtvZPJLtek&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:28 GMT, Sun, 24 Dec 2023 08:01:28 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7604
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=36b5e0d6-f1a9-4c45-9ebe-a704f0fe01cf

43 B
1 KB

34ms
33ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=36b5e0d6-f1a9-4c45-9ebe-a704f0fe01cf
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:27 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: //ce.lijit.com/merge?pid=87&3pid=36b5e0d6-f1a9-4c45-9ebe-a704f0fe01cf
date: Sun, 24 Dec 2023 08:01:27 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7604
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8&gdpr=0

43 B
1 KB

79ms
34ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:27 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LQJ7ADLP-26-FVG8&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8bab65602db075726861004da5629947
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7604
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?3pid=AAHiHE7LD8sAABbN-sajhg&pid=85&gdpr=0

43 B
1 KB

35ms
34ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?3pid=AAHiHE7LD8sAABbN-sajhg&pid=85&gdpr=0
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:26 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?3pid=AAHiHE7LD8sAABbN-sajhg&pid=85&gdpr=0
Date: Sun, 24 Dec 2023 08:01:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 7604 0
0 1141ms
43ms Image
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ce.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 104A 16 KB
6 KB 391ms
28ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ce.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=150435
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:01:27 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C156 16 KB
6 KB 387ms
30ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ce.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=150435
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sun, 24 Dec 2023 08:01:27 GMT
expires: Tue, 26 Dec 2023 01:48:42 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

cm Show response
us-u.openx.net/w/1.0/ Frame 362A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...

909 B
562 B

48ms
47ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6438e48921102536f093e424e86c7f7521492af5406384f9f58b3ca470432484

Request headers

Referer: https://ce.lijit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 543
content-type: text/html
date: Sun, 24 Dec 2023 08:01:33 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Dec 2023 08:01:33 GMT
location: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1 200
OK merge Show response
ce.lijit.com/ Frame 5AE9 43 B
2 KB 34ms
34ms Document
image/gif 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=58&3pid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:01:27 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3dca1

GET
H/1.1 200
OK merge Show response
ce.lijit.com/ Frame 779C 43 B
2 KB 46ms
33ms Document
image/gif 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=71&3pid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:01:27 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3dca1

GET
H/1.1 200
OK merge Show response
ce.lijit.com/ Frame 56BB 43 B
2 KB 33ms
33ms Document
image/gif 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=58&3pid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:01:27 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3dca1

GET
H/1.1 200
OK merge Show response
ce.lijit.com/ Frame 6447 43 B
2 KB 38ms
38ms Document
image/gif 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=71&3pid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 43
Content-Type: image/gif
Date: Sun, 24 Dec 2023 08:01:27 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap3dca1

GET
H3

200

ProfilesEngineServlet Show response
sync.intentiq.com/profiles_engine/ Frame 7843
Redirect Chain

https://live.primis.tech/live/liveCS.php?source=external&advId=91&advUuid=89650751-3BF3-4D23-9052-3F05C2D55689
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689

43 B
863 B

34ms
34ms

Document
image/gif

18.173.219.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D91%26advUuid%3DPM_UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-51.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 24 Dec 2023 08:01:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
pragma: no-cache
via: 1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
x-amz-cf-id: Z3eEjcpujoVr7yDOMf2Ab7bmXpKkuH4PZJIo21kTSwaB9gRYzh6tXw==
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront

Redirect headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-store
content-type: text/html; charset=utf-8
date: Sun, 24 Dec 2023 08:01:27 GMT
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1402230080&3rdpcid=89650751-3BF3-4D23-9052-3F05C2D55689
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: nginx
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
x-amz-cf-id: OqZ0RfDFEPey78McTqpxEuGe7M1a8sPnKZkf3dbZ3CWIrtTkC9O05Q==
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront

GET
H3 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 5 KB
786 B 61ms
30ms XHR
application/vnd.apple.mpegurl 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: d1b0f7ec715f3dc950343b0e71c46faf744d1b212e5bb0c2fee7dcd8e1011309

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 08:47:05 GMT
via: 1.1 b885d7691d1de254a7c8e89572398f9a.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
content-encoding: br
age: 83662
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 15 Dec 2023 15:10:41 GMT
server: nginx
etag: W/"e8e41dafd4eee6ba6b3519fd4222719b"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: lrpL6hQrcWpo1p42HDUklY_AOieCh_qTTr52cVTEv37x-8X6Vs7G1g==
expires: Sun, 24 Dec 2023 08:47:05 GMT

GET
H3 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 379 KB
380 KB 30ms
30ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: b560279e929c4673c6b4fcedbf0aa9436ae98a5babc57b0d7ae3e1f487aedccd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 12:01:35 GMT
via: 1.1 9bfafde51fc331b971140cbd2b98172e.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 158391
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 388408
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "2010915be6b04cf20ea72035be228644"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 5rkPIe4T-uNO1bv-UDkGyfdgemONo4REx-ojwLSrnOJeJtOagk8dxQ==
expires: Fri, 05 Jan 2024 12:01:35 GMT

GET
BLOB 200
OK 4c59b138-0f76-437e-bf6b-cb7daa23b350
https://nasledard.shokodeal.ru/ 67 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nasledard.shokodeal.ru/4c59b138-0f76-437e-bf6b-cb7daa23b350
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 68465
Content-Type: text/javascript

GET
H3 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 315 KB
316 KB 31ms
30ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: eb66af84e4782a6210bc8a4248a9342a01d75bc52f3691f42c7d13184d128286

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:53:47 GMT
via: 1.1 d4564d6809e10e731bfdfae814a717f8.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 166060
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 322608
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "c0af2c30befe4b29fb76f95d6283240b"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-amz-cf-id: GuS9xLsWPECm4dch3cORwT-g2pLRHRFwO2Vxtc7OPYQ6-ShViIzSjQ==
expires: Fri, 05 Jan 2024 09:53:47 GMT

GET
H3 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 352 KB
352 KB 31ms
31ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: e155faa81a9803c04a10469982c73287a99199b3c7ea99da3461e2594ac7a36e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:27:08 GMT
via: 1.1 65566883560611dde36b4dfe13fd3272.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 153260
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 360020
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "0d909673333c7a9bc8bf7192d00f7d72"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: dY8xuHM7qzrS_LntZLqls_RKcOF9qYKTtyiUq_RgxyGq8k4u3zWZ1w==
expires: Fri, 05 Jan 2024 13:27:08 GMT

GET
H3 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 496 KB
496 KB 30ms
30ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 4b1636796db00120f06ccbf732976e071018a1dca0da6ef85c568d675756d803

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:27:08 GMT
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 153260
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 507600
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "4e2ac03f3d774a2ee3eb069be18f106e"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: gwDwQHRnxtykwsLNZ4dKzakpCK2EmyWv6mIL3WLZCORDOZcWd1boFw==
expires: Fri, 05 Jan 2024 13:27:08 GMT

GET
H3 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 423 KB
423 KB 31ms
30ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 827cfff432fc098f243c9286ca791edff9ec9aff1ef5bc68ca9591b4cd2ae439

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 09:53:49 GMT
via: 1.1 fdcbbd5c4c7c5e8b036965d289e584e2.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 166059
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 432776
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "38910e087d8c513d61d02adaad417e23"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: MnT5TtpCJXLTS_7jz4yfl2QsXsh7KmqRCcQEv591CcRnm1X4WOeOxg==
expires: Fri, 05 Jan 2024 09:53:49 GMT

GET
H3 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 425 KB
425 KB 32ms
31ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: 63ad425aaabfa271a075ddc1794bed2ac7b1da472a2664b19b42bd8eda102dcc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 16:28:22 GMT
via: 1.1 6057ee56438e208609fccc94cdceb78c.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 55986
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 435220
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "a3966e1e8d61b1c7d3f027835dcd5198"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-amz-cf-id: 5b6IxXEWTHsSw-Q1-7X6g-THw-Wjckp9I7MFadSBOpJ3u3u6mqBh9A==
expires: Sat, 06 Jan 2024 16:28:22 GMT

GET
H3 200 liveView.php
live.primis.tech/live/ 0
344 B 41ms
40ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE1NwA1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt3ZTU1MDNyOTY3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDEzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLSZwYaVmqGVlPTE3MDM0MDQ4ODt5MDYzqWyxPVNyn2yhZG9TUGkurWVlNwU4N2U1NTA2YwVuMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZhYXNfZWRupzQhp2uin29xZWFfLaJ1JTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPTJuYTRwMGFzYTuyNDqzMzEjY2Q0NDBvY2QlZWZvNDVy
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:28 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MEjhesT4x9FPYqNVmHR3ty-DeH-AzEiRifSHpSdfOjc8HFJQdRpaew==

POST
H2 200 v3 Show response
id5-sync.com/gm/ 740 B
1 KB 576ms
109ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

0416a5c3e45f192b6246c8e3b6d30d267c9dba6cf1543afa3b7238c6459472dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 liveView.php
live.primis.tech/live/ 0
343 B 40ms
39ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE1NwA1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt3ZTU1MDNyOTY3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLSZwYaVmqGVlPTE3MDM0MDQ4ODxjNDMzqWyxPVNyn2yhZG9TUGkurWVlNwU4N2U1NTA2YwVuMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZhYXNfZWRupzQhp2uin29xZWFfLaJ1JTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPWQ1MGQ5NDx2OTuuYTE0ODpkNTtkYTVxMWM2ZTMmYWM4
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:28 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UUaXsTYcLWblv4F2teUm81hLNHXL2IHpB8PvNi6Pfnac5In52oyctg==

GET
H2

200

9.gif
id5-sync.com/c/882/108/0/
Redirect Chain

https://id5-sync.com/i/882/8.gif?id5id=ID5*9TgQbitbpmH7F56hs_k3X6uCAByChNb5VEtE0E6TJIR3VJY6tVkfnmq7yxMiHQPud1VnpwuEUKUotNkfMLe6-g&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/882/2/7/2.gif?puid=1067000970582424152&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/882/796/6/3.gif?puid=7f7df25a-1df4-45ee-a4e6-084e00db2fb8&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=92&3pid=1067000970582424152&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1246%2F5%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
https://id5-sync.com/c/882/1246/5/4.gif?puid=H36BjLZHD0I_8YN-TemHg7ic&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3b507QGDPz1Nu_91oxIBbdglQkTe86eSEWGOiMkB2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F4%2F5.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-3b507QGDPz1Nu_91oxIBbdglQkTe86eSEWGOiMkB2g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F4%2F5.gif%3Fp...
https://id5-sync.com/cq/882/124/4/5.gif?puid=4af92d3d-f523-4f73-a502-195ea443c679&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F203%2F3%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/882/203/3/6.gif?puid=1b816740-afaa-472b-84d1-bb5ea3d8a965&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=06520073-fb72-4ed5-983e-803febf0635f&ttl=%%TTL%%
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/882/434/1/8.gif?puid=6921db60-8cf2-449a-8280-2481830cb1fb&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F0%2F9.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/882/108/0/9.gif?puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&gdpr=0&gdpr_consent=

43 B
1 KB

109ms
109ms

Image
image/gif

141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/882/108/0/9.gif?puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&gdpr=0&gdpr_consent=

Requested by

Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/

Protocol

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sun, 24 Dec 2023 08:01:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

date: Sun, 24 Dec 2023 08:01:33 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://id5-sync.com/c/882/108/0/9.gif?puid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&gdpr=0&gdpr_consent=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 70C1 184 B
477 B 106ms
37ms XHR
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 83a3352724c58c6747ef1cee283e3d96df4d7f528525652d22cb2a41c6be9172

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.5.0
Content-Type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 172
Expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 70C1 0
121 B 75ms
26ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 70C1 144 B
966 B 118ms
118ms XHR
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

226b12e472279bdb8afbf67d58c2edd2a2160023ceebd0eade82247330a6c697

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:31 GMT
an-x-request-uuid: b699f6b6-805c-400a-b886-32a1154a2b37
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 70C1 23 B
467 B 92ms
41ms XHR
text/javascript 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru%2F&pid=c8soROL6tD4ku&cb=1&ws=1x1&v=23.1211.1645&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A500%2C%22id%22%3A%22aps_primis_oustream_ron%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A75%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*9TgQbitbpmH7F56hs_k3X6uCAByChNb5VEtE0E6TJIR3VJY6tVkfnmq7yxMiHQPud1VnpwuEUKUotNkfMLe6-g%22%2C%22pubcommon%22%3A%228adfed9c-59b1-4c00-b144-330a94a1e2e1%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%252206066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0%2522%257D%22%2C%22lotame%22%3A%227b818566538d252b25c65412a53bbd9563cee885763913b6f4cd159309a5c0fa%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:31 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P4
x-amz-rid: K7MB3NQRWY5QH6M3TEWT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nasledard.shokodeal.ru
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RsksRR0yLTkFxLknisRupYcXUiT7rhiqtfMPxsrGoi3UIv1Ztn0uAA==

GET
H3 200 liveView.php
live.primis.tech/live/ 0
344 B 39ms
39ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTE2JaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MCZmqGE9MTplNTxkMDUzrD02MmIzrT0mNTYzqzyxX3Bup3NEo21unW49ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZmqWJJZD1hYXNfZWRupzQhp2uin29xZWFfLaJ1JzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kMDphMTp1LwEjMv4kOTIzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTIjLwAhNwA5OS4kMDxyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY1ODqyNTUjM2U5NwpzY29hqGVhqEZcoGVJZD00MDE1NTQkJz1yZGyuUGkurUkcp3RJZD03NTElJz1yZGyuTGymqEyxPTIkOTYjJzNioaRyoaRNYXRwnFR5pGU9JzymRXuwoHVxZUZlo21PpHQ9MCZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MSZwY3BuQ29hp2VhqD0kLS0gJzNvqXN0ZXI9MTpjMmQjNDt5MTA5OSZ1nWQ9U2VenW5xo1NQoGF5ZXI2NTt3ZTU1MDZvNWEkJaB1YyVloD1bqHRjplUmQSUlRvUlRz5up2kyZGFlZC5mnG9eo2RyYWjhpaUyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWykJaB4nWQ9MmAlOTI5Y2I2ODZwYTIjMTImZTQlZwFwYWI3ZWUmNTU=
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:31 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MRf2sHI8OcGLZii7hUAXiJ7rjBnhNXkYqarmT55zTnwfj30aRl7sAA==

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4E7B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYflVAAJQ5kLrwBU

43 B
61 B

47ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYflVAAJQ5kLrwBU
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-yyz4574-YYZ
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703404894.712184,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZYflVAAJQ5kLrwBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 268b4eba-bdf1-e182-d24a-6b6caf322e48
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4E7B 43 B
602 B 110ms
39ms Image
image/gif 54.144.174.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/268b4eba-bdf1-e182-d24a-6b6caf322e48?gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.174.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 4E7B 43 B
855 B 47ms
45ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ea9a5483-31f7-c831-2393-ff0e385628e1

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SSZ5R9JAMY8A5CHD4PCT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4E7B
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=b24c28fe-2d5d-73cb-e39d-7d995065e301&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=06520073-fb72-4ed5-983e-803febf0635f&ttd_puid=b24c28fe-2d5d-73cb-e39d-7d995065e301&gdpr=0&gdpr_consent=

43 B
240 B

44ms
44ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=06520073-fb72-4ed5-983e-803febf0635f&ttd_puid=b24c28fe-2d5d-73cb-e39d-7d995065e301&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=06520073-fb72-4ed5-983e-803febf0635f&ttd_puid=b24c28fe-2d5d-73cb-e39d-7d995065e301&gdpr=0&gdpr_consent=
date: Sun, 24 Dec 2023 08:01:33 GMT
server: Kestrel
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 4E7B 170 B
188 B 41ms
40ms Image
image/png 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWUyM2ZiMzQtZTQyYS0yZDZmLWY2N2QtMjcyMDlhODcyZDYx

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4E7B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFL7GrXsnT5ctiPXfUKuxSo&google_cver=1

43 B
163 B

46ms
45ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFL7GrXsnT5ctiPXfUKuxSo&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFL7GrXsnT5ctiPXfUKuxSo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 362A 43 B
2 KB 37ms
34ms Image
image/gif 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=76&3pid=d49e8eef-9e7f-4896-afcb-4e663d50bc7c&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:33 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 362A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=

43 B
61 B

48ms
47ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072977&val=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://us-u.openx.net/w/1.0/sd?id=537072977&val=ad2031b8-a039-45f1-a21f-1439ef393140-6587e55d-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 receive
pixel.tapad.com/idsync/ex/ Frame 362A 95 B
124 B 49ms
46ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=be0e23d3-2fcc-4f1c-a296-6016766d4222

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:33 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58294/ Frame 362A 0
442 B 1151ms
40ms Image
text/plain 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=96b4d3a6-aca1-48d2-bb50-39cad2427747

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 362A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
https://id.rlcdn.com/464246.gif?partner_uid=edb62f49-b98c-44fb-b70e-78337c7ae2f6
https://pippio.com/api/sync?pid=5324&it=1&iv=785e6c9be484ac6ab49702a5ef9257229c51e4826ded9d6b01479fe9cb3e14f6791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=785e6c9be484ac6ab49702a5ef9257229c51e4826ded9d6b01479fe9cb3e14f6791426b5417dce21&rand=06109510

0
247 B

125ms
63ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=785e6c9be484ac6ab49702a5ef9257229c51e4826ded9d6b01479fe9cb3e14f6791426b5417dce21&rand=06109510
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A510CA0B0B6444B2B9A88C7A4D9C5603 Ref B: YTO01EDGE0716 Ref C: 2023-12-24T08:01:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNPNueP4AP7ddSCu/tEA==

Redirect headers

date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=785e6c9be484ac6ab49702a5ef9257229c51e4826ded9d6b01479fe9cb3e14f6791426b5417dce21&rand=06109510
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 362A
Redirect Chain

https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1067000970582424152

43 B
61 B

47ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072399&val=1067000970582424152
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
an-x-request-uuid: 57ce9e05-91b7-4f00-b229-a118b58c0580
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://us-u.openx.net/w/1.0/sd?id=537072399&val=1067000970582424152
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 362A
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=1---

43 B
61 B

48ms
48ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3721385948713308019&gdpr=0&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
107 B 329ms
85ms XHR
text/plain 35.80.171.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=oRYCgHkGUKLfxW_auclI
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.80.171.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-171-153.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:35 GMT
access-control-allow-credentials: true

GET
H2 204 v5 Show response
yield-manager.browsiprod.com/supply/ 0
234 B 414ms
85ms XHR
text/plain 18.238.55.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=d_mapping&pk=freestar&url=https%3A%2F%2Fnasledard.shokodeal.ru%2F&bid=oRYCgHkGUKLfxW_auclI&at=Boing%20Boing%20-%20A%20Directory%20of%20Mostly%20Wonderful%20Things%20-%20Boing%20Boing&sw=1600&sh=1200
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-70.jfk52.r.cloudfront.net
Software: akka-http/10.2.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 08:01:35 GMT
via: 1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
server: akka-http/10.2.1
x-amz-cf-pop: JFK52-P4
x-amz-cf-id: oQPImM8rptXmd8unr0gPjaG1Pky3YnjXcN7ImRorR64TgJ-6OHuJ8A==
x-cache: Miss from cloudfront

GET
H3 200 liveView.php
live.primis.tech/live/ 0
344 B 39ms
38ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE1NwA1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt3ZTU1MDNyOTY3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw03OTxzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLSZwYaVmqGVlPTE3MDM0MDQ4OTY4OTYzqWyxPVNyn2yhZG9TUGkurWVlNwU4N2U1NTA2YwVuMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZhYXNfZWRupzQhp2uin29xZWFfLaJ1JTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPTY2MGI3OWZwMwYlYwpkNwplMwtlNwZvNmZyNzJuOWQ2
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:36 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: soDaYnWB1WhftJ0OMMBlQgSHgD0VwzpZWPp-FSKGQCXBit09pJ7iEQ==

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 6272 0
596 B 46ms
46ms Script
text/html 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:36 GMT
an-x-request-uuid: 82ec57f1-0725-416d-ba53-e3528eb3798d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame C228 2 KB
1 KB 67ms
66ms Document
text/html 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129deaeaf093e54507af8d76f865e22ae6c9b8f408c1625acd2552ad7970bf10

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a7513dd9515407-YYZ
content-encoding: br
content-type: text/html
date: Sun, 24 Dec 2023 08:01:36 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C63k3BvRQ2TZ%2BXQvaQHyDXbKDXrdnRc5GoxCqxFZkTokssm19dC%2B9X624m3XlGTAjshH7dCqSLcCl0RtkOo5RNEadFDfY5Lpu94pI6n5mvwc8dy72ROAWp09PLB1GUbbLgHDkPqieuf8Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

202

colossus
ids.ad.gt/api/v1/ Frame 6EC7
Redirect Chain

https://x.bidswitch.net/sync?ssp=huddledmss
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=huddledmss&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/sync?user_id=AAHiHE7LD8sAABbN-sajhg&dsp_id=269&expires=5&ssp=huddledmss
https://sync.colossusssp.com/bidswitch.gif?puid=df2d9817-3b0d-41e7-ae4e-a92eb0d065cd
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f

43 B
95 B

115ms
114ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a7513fad2e36c5-YYZ
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

cookie
openrtb.cootlogix.com/api/ Frame 6EC7
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID
https://sync.colossusssp.com/ap.gif?puid=1067000970582424152
https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus

43 B
620 B

35ms
30ms

Image
image/avif

161.35.4.97
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Server: 161.35.4.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:36 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

204

rmpssp
sync.1rx.io/usersync2/ Frame 6EC7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1
https://sync.colossusssp.com/td.gif?puid=06520073-fb72-4ed5-983e-803febf0635f&ttl=1705996896
https://sync.1rx.io/usersync2/rmpssp?sub=colossus

0
98 B

37ms
34ms

Image
text/plain

69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 cookie
openrtb.cootlogix.com/api/ Frame 6EC7 43 B
617 B 106ms
31ms Image
image/avif 161.35.4.97
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.35.4.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

GET
H2

204

rmpssp
sync.1rx.io/usersync2/ Frame 6EC7
Redirect Chain

https://id.rlcdn.com/712075.gif?ct=2&cv=
https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid=
https://sync.1rx.io/usersync2/rmpssp?sub=colossus

0
98 B

36ms
34ms

Image
text/plain

69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 6EC7
Redirect Chain

https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_conse...
https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=3zV1Lwwll1wySktIvmzy&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA]
https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=874554c6-54cd-42df-ac8b-523514fbc48f
https://dpm.demdex.net/ibs:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=69768614742219326251872147515863441461&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

95 B
124 B

47ms
46ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=69768614742219326251872147515863441461&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Requested by

Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

dcs: dcs-prod-usw2-1-v050-07335d0d8.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: j5KEEbxjTWQ=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=69768614742219326251872147515863441461&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cookie
sync.cootlogix.com/api/ Frame 6EC7 43 B
910 B 107ms
32ms Image
image/avif 159.223.140.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=874554c6-54cd-42df-ac8b-523514fbc48f
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.140.19 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

GET
H2 202 colossus
ids.ad.gt/api/v1/ Frame 6EC7 43 B
121 B 114ms
109ms Image
image/gif 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a7513dfba236c5-YYZ
content-length: 43
content-type: image/gif

GET
H2

200

cookie
openrtb.cootlogix.com/api/ Frame 6EC7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/col
https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AAHiHE7LD8sAABbN-sajhg
https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus

43 B
615 B

34ms
31ms

Image
image/avif

161.35.4.97
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Server: 161.35.4.97 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
access-control-allow-methods: GET, HEAD, OPTIONS, POST
content-type: image/avif
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://openrtb.cootlogix.com/api/cookie?userId=874554c6-54cd-42df-ac8b-523514fbc48f&partnerId=colossus
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 6EC7
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3427&partner_device_id=874554c6-54cd-42df-ac8b-523514fbc48f
https://dpm.demdex.net/ibs:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=5242fdf3-107d-47a2-b8fa-e97d01d08b23&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

95 B
124 B

48ms
47ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C

Requested by

Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

dcs: dcs-prod-usw2-1-v050-0b4fa5c59.edge-usw2.demdex.com 2 ms
pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dzmsGsTITNQ=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=67669841489322485280803933297627857586&pt=5242fdf3-107d-47a2-b8fa-e97d01d08b23%2C%2C
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

202

colossus
ids.ad.gt/api/v1/ Frame 6EC7
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub9891457922432
https://sync.colossusssp.com/7fe59af1e9f84455a7de453521d1626d.gif?puid=OPU743f45a610bf4674a78d351a78902a34
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f

43 B
95 B

115ms
114ms

Image
image/gif

104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a751403d9236c5-YYZ
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 08:01:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
Location: https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=874554c6-54cd-42df-ac8b-523514fbc48f
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 204 363546c6-f8af-4f33-8c94-663c5bd45eaa
ex.ingage.tech/v1/sync/colossus/ Frame 6EC7 0
244 B 128ms
57ms Image
text/plain 104.22.5.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex.ingage.tech/v1/sync/colossus/363546c6-f8af-4f33-8c94-663c5bd45eaa?uid=874554c6-54cd-42df-ac8b-523514fbc48f
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: private, max-age=1296000
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83a7513e68313905-YYZ
vary: Origin

GET
H2 204 rmpssp
sync.1rx.io/usersync2/ Frame 6EC7 0
99 B 104ms
33ms Image
text/plain 69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync2/rmpssp?sub=colossus
Requested by: Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.colossusssp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame C228
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK42cFUTb8ochlWugZ_wMNY&google_cver=1

43 B
734 B

81ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK42cFUTb8ochlWugZ_wMNY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZklH36tEs6fdOEmSWNnLR%2B0JrD3%2FFLzlmFjhHjwnKL4JONShWzLr2VB%2FqsW00r9xVRzjalgX94OvwCx7Cmb2diHKxODPxUKGXdsMh5blgMsE%2BWf2G5m6bQ1Sg0C80%2BJtjFoeR5MtRbnVig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a7513e99ac5407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEK42cFUTb8ochlWugZ_wMNY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C228 43 B
601 B 52ms
37ms Image
image/gif 54.144.174.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.174.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C228
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1067000970582424152

43 B
735 B

61ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1067000970582424152
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNZnkPtgcG7Kpt%2BN3FOudS7ljl6ATv4zoV64dRis2TyLoFBgf1GswYn%2FsSPqSiBnFD%2B%2BSls9Qvv026zp4CZ%2BJLUdUhAO930Jor62BgfQm%2BpUeQziKv8zXkKRcslZt9LCbvGpgwqT2MxTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a7513ed9cd5407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
an-x-request-uuid: cef967ee-24c1-4ce9-905b-c82091e97421
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1067000970582424152
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

pixie
jelly.mdhv.io/v4/ Frame C228
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYflVG8tfarUEZN0xqK2lwAABO8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5242c14bc6ee0b5b49d4dde4a4ab3b8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=ume3124_7316077244501266413&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NTI0MmMxNGJjNmVlMGI1YjQ5ZDRkZGU0YTRhYjNiOA==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHBo75wkvyppqHH7JfZyYi0&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=06520073-fb72-4ed5-983e-803febf0635f&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/stickyads/5242c14bc6ee0b5b49d4dde4a4ab3b8?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-rNgO13RE2oP8.kEqlkuEKVR1PML.04Ctq5961owm~A
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?userId=AAHiHE7LD8sAABbN-sajhg&dataProviderId=817&gdpr=0
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=WHQkI6km1Rhjqy5&gdpr=0
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=1067000970582424152&gdpr=0&gdpr_consent=&gdpr=0
https://jelly.mdhv.io/v4/pixie?gdpr=0&gdpr_consent=

0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C228
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6426327277908847192&expiration=1704614497

43 B
730 B

57ms
56ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6426327277908847192&expiration=1704614497
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gHAXhoKd5UKmrqOGXVuSlrPlKTMFIds9tl2I6HtqpAujRCUwHvzy4RK2xoM%2FCE5qMVrw2B8mPhKz24I%2Bgbkt1cKus1cqJftMkIDT53hssCg5SNWahqcSIJ9fzP4SSXBPeF2dmNjap3wvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a7513f5a135407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6426327277908847192&expiration=1704614497
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C228
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B951624FAB8C4F00B53129B5A511D369

43 B
736 B

56ms
54ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B951624FAB8C4F00B53129B5A511D369
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfVwkSXDxL%2FfWcbmML65UO8iH%2Bf%2B2PCyou%2BgvGdscSr7cIoplifJu1e%2BMjUrmyzDMWaY4khW63z6a1HODIuAxkhjMLfL8yDtfVVBz8qKt4TDKRCMmLdNPUb7SGFXX8EJRGZWrTbYuFft7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a7513f7a225407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sun, 24 Dec 2023 08:01:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=B951624FAB8C4F00B53129B5A511D369
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 23 Dec 2023 08:01:37 GMT

GET
H2 200 113
match.deepintent.com/usersync/ Frame C228 0
339 B 104ms
34ms Image
image/gif 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 24 Dec 2023 08:01:36 GMT
server: c
content-length: 0
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

GET
H3

200

crum
dsum.casalemedia.com/ Frame C228
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=258ba699-6871-9a3b-ad79d527

43 B
722 B

65ms
64ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=258ba699-6871-9a3b-ad79d527
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu6L2Uk9bs64k8xGmeBze5H8X1ZYU30LFx5lSF4AUSYbNCiTPyJeT3%2FJMHUwPXx8vMWS69Ibk23aIhdpuTEodw6Q1YlOSU8iiRyykbOdFaS0U9YmFwM3jDyWhrMVkq4X%2FSdJXQ8A"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a751455e165407-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sun, 24 Dec 2023 08:01:38 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=258ba699-6871-9a3b-ad79d527
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame C228 43 B
253 B 44ms
34ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYflVG8tfarUEZN0xqK2lwAA%261263
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnasledard.shokodeal.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 75478
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 83a7513e6d8939db-YYZ
content-length: 43
expires: Mon, 25 Dec 2023 08:01:37 GMT

GET
H3 200 liveView.php
live.primis.tech/live/ 0
344 B 41ms
39ms Image
text/html 18.238.80.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQlJaNypaZypyRcoWU9MTpjMmQjNDt4MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTE1NwA1JaN0YT0jJat9NDAjJax9MwplJaZcZF9jYXNmRG9gYWyhPW5up2kyZGFlZC5mnG9eo2RyYWjhpaUzp3VvSWQ9ozFmoGVxYXJxLaNbo2giZGVuoC5lqSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaNxn3Y9JaVmZXJJpEFxZHI9MTA3LwE3NS4kMDIhMTxlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwElMC4jLwYjOTxhMTA5JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02NTt3ZTU1MDNyOTY3JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzR1pw04MDAzZ2Rjpw0jJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MSZwY3BuPTEzY2NjYUNioaNyoaQ9MS0gLSZwYaVmqGVlPTE3MDM0MDQ4OTpjNDMzqWyxPVNyn2yhZG9TUGkurWVlNwU4N2U1NTA2YwVuMSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZhYXNfZWRupzQhp2uin29xZWFfLaJ1JTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPWycpSZjrGyxPTM4ZGI3MzVxZTU2NzImZzIjMDMlMWI1MzRwMGY4MTU3
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.80.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-80-86.jfk52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:36 GMT
content-encoding: gzip
via: 1.1 43034476d4f59b84d702b480b160bb88.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: JFK52-P5
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -ReTiHUZtSdLkdpfuALQFUNxq55FgRV2po7JaTL7Q0vTgRIp2bKTRQ==

GET
H3 200 w_480_00006.ts Show response
video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/ 440 KB
440 KB 46ms
45ms XHR
video/mp2t 18.164.116.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn1/video/users/hls/31067/video_623c2709ac573196885360/vid657bebae4d6be774185068.mp4/w_480_00006.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-41.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: e29be939bb5df663667032f8d4f50c11c54e07f2f6060dd4090c387071de7e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:30:13 GMT
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront), 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
age: 153084
x-amz-cf-pop: IAD55-P3, JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 450260
last-modified: Fri, 15 Dec 2023 15:10:46 GMT
server: nginx
etag: "64c8312164c1a2574ddad165124bcf36"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: mbLTNn4XvtWOsodrZpMsWDDWijffhgbkPWrzzdSVhEor-8DP2vdEhg==
expires: Fri, 05 Jan 2024 13:30:13 GMT

GET
H2 200 track
servt.unrulyvideo.com/ 0
143 B 102ms
35ms Image
text/plain 96.46.186.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.unrulyvideo.com/track?pid=603f65a2e291680ef30af9c7&cid=632c5d4e92169f17d861cb48&cb=1703404876656&r=nasledard.shokodeal.ru&stagid=62af35d851923c62777207b4&stplid=62b08bd1ff25cd1ac30f2fb8&d35=&cd10=1021419&e=AV_M3&prbdres=nopos&sn=https%3A%2F%2Fnasledard.shokodeal.ru%2F
Requested by: Host: nasledard.shokodeal.ru
URL: https://nasledard.shokodeal.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nasledard.shokodeal.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 08:01:37 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 6272 0
596 B 33ms
32ms Script
text/html 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:37 GMT
an-x-request-uuid: ee4d858b-19bf-4472-8345-75f902f81860
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 70C1 0
65 B 28ms
25ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nasledard.shokodeal.ru
date: Sun, 24 Dec 2023 08:01:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 70C1 184 B
478 B 37ms
35ms XHR
application/json 69.173.151.96
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 47f32cf99fce2f649d1f2d2ad5d9ffc39d8997581e51b2a6baa09735b0170697

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/2.5.0
Content-Type: application/json
access-control-allow-origin: https://nasledard.shokodeal.ru
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 70C1 143 B
965 B 126ms
123ms XHR
application/json 68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_19.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.76 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

3f445b570270ba607535d3484de46e3183f005724ee06f1199674eb89e130073

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nasledard.shokodeal.ru/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 08:01:38 GMT
an-x-request-uuid: 625a3db9-fe1f-4aa3-a497-fc993384116b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nasledard.shokodeal.ru
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 107.175.102.192; 107.175.102.192; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 70C1 23 B
468 B 41ms
41ms XHR
text/javascript 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnasledard.shokodeal.ru%2F&pid=c8soROL6tD4ku&cb=2&ws=1x1&v=23.1211.1645&t=2000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A500%2C%22id%22%3A%22aps_primis_oustream_ron%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!freestar.com%2C551%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A75%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*9TgQbitbpmH7F56hs_k3X6uCAByChNb5VEtE0E6TJIR3VJY6tVkfnmq7yxMiHQPud1VnpwuEUKUotNkfMLe6-g%22%2C%22pubcommon%22%3A%228adfed9c-59b1-4c00-b144-330a94a1e2e1%22%2C%22audigent%22%3A%22%257B%2522hadronId%2522%253A%252206066cii6aa9gc9d7ede8i7jcaalegaklfh00iuu0ee6qi6k2mkm4u2wiee0mqey0%2522%257D%22%2C%22lotame%22%3A%227b818566538d252b25c65412a53bbd9563cee885763913b6f4cd159309a5c0fa%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS