www.empowher.com Open in urlscan Pro
104.26.11.151 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.empowher.com/users/covertail9
Submission: On October 23 via manual (October 23rd 2022, 5:53:22 pm UTC) from RO — Scanned from AU

Summary HTTP 174 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 47 IPs in 5 countries across 38 domains to perform 174 HTTP transactions. The main IP is 104.26.11.151, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.empowher.com. The Cisco Umbrella rank of the primary domain is 472059.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 30th 2022. Valid for: a year.

This is the only time www.empowher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	104.26.11.151 104.26.11.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
1	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
2	23.52.112.115 23.52.112.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.22.21.108 104.22.21.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.70.1.181 195.70.1.181	12333 (DFINET Ge...) (DFINET Geneva)
1	104.83.196.24 104.83.196.24	16625 (AKAMAI-AS) (AKAMAI-AS)
9	13.225.2.118 13.225.2.118	16509 (AMAZON-02) (AMAZON-02)
4	142.251.10.102 142.251.10.102	15169 (GOOGLE) (GOOGLE)
1	23.72.45.55 23.72.45.55	16625 (AKAMAI-AS) (AKAMAI-AS)
4	157.240.13.19 157.240.13.19	32934 (FACEBOOK) (FACEBOOK)
1	151.101.192.65 151.101.192.65	54113 (FASTLY) (FASTLY)
5	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
1	104.22.20.108 104.22.20.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.35.17.5 13.35.17.5	16509 (AMAZON-02) (AMAZON-02)
1	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
3 21	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
1	172.217.194.104 172.217.194.104	15169 (GOOGLE) (GOOGLE)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
2	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
2 8	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	54.241.194.120 54.241.194.120	16509 (AMAZON-02) (AMAZON-02)
1	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
1	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
1	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
1	23.72.45.156 23.72.45.156	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.84.251.95 52.84.251.95	16509 (AMAZON-02) (AMAZON-02)
1 9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	23.9.185.218 23.9.185.218	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
1	52.193.163.182 52.193.163.182	16509 (AMAZON-02) (AMAZON-02)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.42 124.146.215.42	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	13.227.254.74 13.227.254.74	16509 (AMAZON-02) (AMAZON-02)
11	52.119.187.0 52.119.187.0	16509 (AMAZON-02) (AMAZON-02)
5 11	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.173.151.100 69.173.151.100	() ()
1 2	52.77.4.205 52.77.4.205	16509 (AMAZON-02) (AMAZON-02)
1	52.95.126.138 52.95.126.138	() ()
1	13.107.42.14 13.107.42.14	() ()
2	69.173.158.67 69.173.158.67	() ()
3	106.10.218.42 106.10.218.42	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1	34.96.111.110 34.96.111.110	() ()
15	119.161.10.12 119.161.10.12	() ()
3	54.255.143.58 54.255.143.58	() ()
5	106.10.236.40 106.10.236.40	() ()
3	72.247.127.224 72.247.127.224	() ()
3	52.95.131.38 52.95.131.38	() ()
1 2	35.227.252.103 35.227.252.103	() ()
1	202.131.200.84 202.131.200.84	() ()
1 1	103.229.206.241 103.229.206.241	() ()
174	47

21 104.26.11.151 (United States)

ASN13335 (CLOUDFLARENET, US)

www.empowher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.112.115 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-115.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.21.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

widget.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.70.1.181 (Geneva, Switzerland)

ASN12333 (DFINET Geneva, Switzerland, CH)
PTR: 181.1.70.195.rev.dfinet.net

www.honcode.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.2.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-2-118.sin52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.72.45.55 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-55.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.13.19 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.65 (United States)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.20.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

api.privy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.35.17.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-17-5.sin5.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.4.155 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.104 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.241.194.120 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-194-120.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.72.45.156 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.251.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-95.sin5.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.116.239.135 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.163.182 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-163-182.ap-northeast-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.42 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.74 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-74.sin52.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.119.187.0 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

aax-fe-sin.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.158.64 (Singapore, Singapore) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, ) 1 redirects

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.77.4.205 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.126.138 (None, )

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.67 (None, )

ASN- ()

beacon-sin1.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 106.10.218.42 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: pr-ats-ing.pbp.vip.sg3.yahoo.com

pr.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.111.110 (None, )

ASN- ()

ox-rtb-asia-southeast1.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 119.161.10.12 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.255.143.58 (None, )

ASN- ()

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 106.10.236.40 (None, )

ASN- ()

cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beap-bc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.247.127.224 (None, )

ASN- ()

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.131.38 (None, )

ASN- ()

ta0027.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (None, ) 1 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.131.200.84 (None, )

ASN- ()

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 313 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534 s.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-fe-sin.amazon-adsystem.com — Cisco Umbrella Rank: 16552 aax-eu.amazon-adsystem.com aax.amazon-adsystem.com	223 KB
22	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	170 KB
21	empowher.com www.empowher.com — Cisco Umbrella Rank: 472059	286 KB
20	rubiconproject.com 6 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 596 token.rubiconproject.com — Cisco Umbrella Rank: 682 pixel-us-east.rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347 beacon-sin1.rubiconproject.com	39 KB
15	yimg.com s.yimg.com	104 KB
12	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 664 us-u.openx.net — Cisco Umbrella Rank: 409 jp-u.openx.net — Cisco Umbrella Rank: 10520 ox-rtb-asia-southeast1.openx.net rtb.openx.net	2 KB
7	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426 pr.ybp.yahoo.com — Cisco Umbrella Rank: 3450 beap-bc.yahoo.com	13 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	213 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	200 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	amazonaws.com ta0027.s3.ap-southeast-2.amazonaws.com	147 KB
3	createjs.com code.createjs.com	188 KB
3	js7k.com cdn.js7k.com	43 KB
3	zprk.io pixel.zprk.io	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 356	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 24354	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 766	852 B
2	gumgum.com js.gumgum.com — Cisco Umbrella Rank: 3861 g2.gumgum.com — Cisco Umbrella Rank: 1430	39 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 23161 adservice.google.com.au — Cisco Umbrella Rank: 109731	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	7 KB
2	privy.com widget.privy.com — Cisco Umbrella Rank: 16311 api.privy.com — Cisco Umbrella Rank: 16505	98 KB
2	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1623 m.addthis.com Failed	140 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	34 KB
1	mathtag.com 1 redirects sync.mathtag.com	644 B
1	ad-m.asia sync-dsp.ad-m.asia	243 B
1	linkedin.com px.ads.linkedin.com	575 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1201	859 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 404	1 KB
1	googlesyndication.com 5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com pagead2.googlesyndication.com Failed	4 KB
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1192	650 B
1	marinsm.com tag.marinsm.com — Cisco Umbrella Rank: 32574	530 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3184	144 KB
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	82 KB
1	honcode.ch www.honcode.ch — Cisco Umbrella Rank: 24853	2 KB
0	addthisedge.com Failed v1.addthisedge.com Failed
0	nex8.net Failed cs.nex8.net Failed
174	38

	Domain	Requested by
21	www.empowher.com	www.empowher.com
15	s.yimg.com	pr.ybp.yahoo.com aax-fe-sin.amazon-adsystem.com s.yimg.com code.createjs.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.empowher.com
11	aax-fe-sin.amazon-adsystem.com	c.amazon-adsystem.com aax-fe-sin.amazon-adsystem.com www.empowher.com
9	c.amazon-adsystem.com	www.empowher.com c.amazon-adsystem.com aax-fe-sin.amazon-adsystem.com
8	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com s.amazon-adsystem.com u.openx.net eus.rubiconproject.com
7	token.rubiconproject.com	4 redirects eus.rubiconproject.com aax-fe-sin.amazon-adsystem.com
6	cm.g.doubleclick.net	3 redirects u.openx.net eus.rubiconproject.com
6	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com aax-fe-sin.amazon-adsystem.com
5	www.googletagservices.com	www.empowher.com securepubads.g.doubleclick.net
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	us-u.openx.net	u.openx.net aax-fe-sin.amazon-adsystem.com us-u.openx.net
4	connect.facebook.net	www.empowher.com connect.facebook.net
4	www.google-analytics.com	www.empowher.com www.google-analytics.com
3	ta0027.s3.ap-southeast-2.amazonaws.com	s.yimg.com
3	code.createjs.com	s.yimg.com
3	aax.amazon-adsystem.com	www.empowher.com
3	cdn.js7k.com	pr.ybp.yahoo.com
3	pixel.zprk.io	pr.ybp.yahoo.com
3	pr.ybp.yahoo.com	aax-fe-sin.amazon-adsystem.com
3	jp-u.openx.net	u.openx.net us-u.openx.net
3	match.adsrvr.org	3 redirects
2	beap-bc.yahoo.com	cdn.js7k.com
2	rtb.openx.net	1 redirects us-u.openx.net
2	beacon-sin1.rubiconproject.com	aax-fe-sin.amazon-adsystem.com
2	pr-bh.ybp.yahoo.com	1 redirects us-u.openx.net
2	cr-p3.ladsp.com	2 redirects
2	ad.turn.com	2 redirects
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	www.facebook.com	www.empowher.com
2	cdnjs.cloudflare.com	www.empowher.com
2	s7.addthis.com	www.empowher.com s7.addthis.com
1	sync.mathtag.com	1 redirects
1	sync-dsp.ad-m.asia	us-u.openx.net
1	ox-rtb-asia-southeast1.openx.net	aax-fe-sin.amazon-adsystem.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	aax-eu.amazon-adsystem.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	tg.socdm.com	1 redirects
1	g2.gumgum.com	js.gumgum.com
1	js.gumgum.com	www.empowher.com
1	z.moatads.com	s7.addthis.com
1	5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	jadserve.postrelease.com	s.ntv.io
1	www.google.com.au	www.empowher.com
1	www.google.com	www.empowher.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	api.privy.com	widget.privy.com
1	tag.marinsm.com	www.empowher.com
1	s.ntv.io	www.empowher.com
1	contextual.media.net	www.empowher.com
1	www.honcode.ch	www.empowher.com
1	widget.privy.com	www.empowher.com
1	ajax.googleapis.com	www.empowher.com
1	fonts.googleapis.com	www.empowher.com
0	pagead2.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	m.addthis.com Failed	s7.addthis.com
0	v1.addthisedge.com Failed	s7.addthis.com
0	cs.nex8.net Failed	us-u.openx.net
174	62

This site contains links to these domains. Also see Links.

Domain
www.skinsafeproducts.com
jefferyblog.com
www.healthonnet.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
www.honcode.ch Thawte RSA CA 2018	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2022-10-31`	3 months	crt.sh
tag.marinsm.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.gumgum.com Amazon	`2022-09-14` - `2023-10-11`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
aax-fe-sin.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-07` - `2022-12-07`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.zprk.io Amazon	`2022-10-19` - `2023-11-18`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon	`2021-12-15` - `2022-12-14`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
sync-dsp.ad-m.asia GlobalSign GCC R3 DV TLS CA 2020	`2022-07-21` - `2023-08-22`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.empowher.com/users/covertail9
Frame ID: E179B23AE8CB8EB03E3233800EB64E78
Requests: 66 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t
Frame ID: DD9C74B1F5B7AB750CD6A0EC251A56E4
Requests: 1 HTTP requests in this frame

Frame: https://5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F668C52B0131C58829E54A2D5C14AAB6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMdIUChmCgIdWpQoP5jjuLodi3oIUtlTRoTUjcmWkMwStYSmIewBV-S2okDJOKufzF6JF-MyXw_eCRJXLgnoyfKeR-SJ4-aIbeP5ly4Npdrn7c50za81mZZafIbQ8y6f09OTgqyNXqmn9iHcfGD0OwkFPw3OB53PZ201LqC3c35zWVTrJjHZWJpUI7nLcdWDoRXhGEXwyo00_QNuyNFoJ-6xfa0Bv-S8hwqJ9LK4tMZSQ1Lv012YN7qwKUjotTOxU4DmLpz_uQMqwvXr77KofHQwOj8nYD47MhIS6Hg7TKBS6AjOAtPqrWJxiLM6rCOyi9mlmK&sai=AMfl-YTYIw6ADGgaY_318EV7__Vs4LPqQM2Yd3PO4aAIEqfTCcPy2hkNWW2AXJYJgOmd5xX3ESeQN8KV0ORkur77HIfWTdXtGzdprfSs1-iYIvI7_Jthg54drZVJiLvitNsIkZOcGA&sig=Cg0ArKJSzP0Xzer51BgyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E1C99D74BB2414AB124397836612213F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJuULHCd17sdkvVz5nSvlPfgbLlw9JOe40SeTrbriQ5_iRlxoa-L6JDNPyKfrDEmKdL95m3fMDkoQDVoC-BvX5iwQmENdxrDufyD0xMtQklqvyYmqoPUP18xlqDyH1Y1oHi2yd1n7hmz1tdkyi60xLr9P-w1yfw-iXviq7I6m2K7bIfIe1Usn0IXMJcOxA42Y6YiO3pjKE_os6Rp_uJAzJ1bVw2Siqa5CWUhht6-3-jGbrxIie-gSipN3ttR22etnjunIL1yftAAmjU3rsWOkSPkibvS4SB4oVZdnLep86sy1zoWgWcsQP9aWUkiy9B7tFmonGLw&sai=AMfl-YQqVY08uiVoxLHMg0k89E7ayyqLnQeo_PNGoOn6bHw47rGWxFLeZm9XCRzhBiQciSjkfWF_BgQXZGQifFdNLIkFaBAaPFnv1IMIKvpFhDWwqxs32htkT6z8jzR0pZF3g5vXqYJ3W3vIhPgQeXIDwGM&sig=Cg0ArKJSzBTHlknXVwpzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F3C890B7882BA18FF05C90B364A5BD3F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCUou67oNHR2c3x8UcaYT9T3w3IBcjlpAQzHOQuZRF1L1_WzOXU8TelMVdz3IppGv57zY9gc3fss31YpLhhdvV3jaryrLi_slvslU-ypiHB3B1VNQX_-_S508wdC81rQNbblX1r5RQKs56OkQ_Nxk4JU93HjAHKmOVuYuqMW9ngr9V6w6w9oZaD26SNptALvYN6xdF_QmdrXCvqkQxO9i8o6xLUdupCKwQe22Q0JiKfzNOQja-bJTDl7EQzeGVseXH0M1HP7HJx8JTlUHCicm5ufixGDPBUPZFUINj8E4Uq7zdP1M0zLdAXqWv3Q93hFgToMfL9itz&sai=AMfl-YTkoNYxvdF2CaLnMd3M95ukkDRzk7mHwSwuJcY5b0SyHJQWFuKlU5DkXV604DbYiUokuNQuld8jiIdVInQM3I_dpHtrPeyZ67u2dhtOvFTobDwX7V9-n729VptGPz2Isq49&sig=Cg0ArKJSzCnSD9aKcWAyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A38DB70F3E4BF05DABA8DCBAC14E9A3E
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyf7PAwsnQq9kCowSGQmDYLrTPdAPYWHJaBhddcvwNN-w09sM-NDic-iXxLYMOfvUmOJhepCfodUqjdPOLKeL2Wl61sBkviS31lB88buIEt5pajSL0qFTv_vq7s1S1qXofMTVYiak3FQYYsWWRO1hA_B6VqrA-PBVVCoiG7Q7NX2fODB64dsWX93hKZuGZU8e8B6dVgZ1y1iwMedH3E74kFo7Q52r7aQ_VNdsHVNrdZ1noiu3fYqAbAHF3qH24Wv_VfvlpaRPgOfWYAkMUCOiuiHgKQvKmJrbWfSKQo4rRyLHsBbsxsxL0fDTI_h2v9LVvgxj_&sai=AMfl-YSuTXz7vKVA7Kv_7iF263s5GWqnoT8YNNLsMsMWCJKqirPTscZXfohNwZh8KEOpP9UCHZBYWqJZKzkhuU_QSVT_V2IWzuAIl21PYwpU77YVrNK8km6q3RHxSDy7_S_Or9yY6Q&sig=Cg0ArKJSzEj5APK01pWaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FAA07909F314FD7E52E57996DBAB4D28
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FB9F08BBDE74AC471406D91A0D0B30BD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: E8C594A703E5FC11485E981DB025D94B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 64A0C862EB6FC4CCC2D161289ADBAB95
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2387188589106948273
Frame ID: DD90D0D38EFE835B9EFDCB3F42740C2D
Requests: 1 HTTP requests in this frame

Frame: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
Frame ID: ACEC9D0AF3D3F1F3313131EC5DE12505
Requests: 13 HTTP requests in this frame

Frame: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
Frame ID: 9FA6348667F42F53B4F2C36F7C26F928
Requests: 11 HTTP requests in this frame

Frame: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
Frame ID: B2BBF8FDAE14C676AD5C8EC7BA35B67E
Requests: 12 HTTP requests in this frame

Frame: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
Frame ID: 9E2D6F55D58D442FDF2A5D4B2E588D3F
Requests: 6 HTTP requests in this frame

Frame: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
Frame ID: E25DDB95D57CFC0BCFB799145C309B6E
Requests: 6 HTTP requests in this frame

Frame: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
Frame ID: 69CA04736AC95FF1F662541A27F31237
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Frame ID: A7E15A0755ECC424DBB139E32E282303
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e
Frame ID: 855ED3F3F4F83BF130B76B8F61D94512
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Frame ID: EFA887BC1122C7D5082B59436CC9CDA9
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C8D79E25773B89EC333CCC6816EE273D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 29C787A5A4AC7174F9D542B4CA06FF08
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

covertail9's Profile

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

<(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

174
Requests

87 %
HTTPS

0 %
IPv6

38
Domains

62
Subdomains

47
IPs

5
Countries

2198 kB
Transfer

6110 kB
Size

30
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.skinsafeproducts.com/
Title: SkinSAFE

Search URL Search Domain Scan URL

URL: https://jefferyblog.com/
Title: https://jefferyblog.com

Search URL Search Domain Scan URL

URL: https://www.healthonnet.org/HONcode/Conduct.html?HONConduct884166

Search URL Search Domain Scan URL

URL: https://www.healthonnet.org/HONcode/Conduct.html
Title: HONcode standard for trustworthy health

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t

Request Chain 72

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 74

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2387188589106948273

Request Chain 77

https://match.adsrvr.org/track/cmf/openx?oxid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c4963f58-4c67-45bb-bcca-3f446d2c9cec&ttd_puid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0&gdpr_consent=

Request Chain 78

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1V-jcCo8YEAAHKPTgYAAAAA

Request Chain 79

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU_QTokakKQMks8ADv_jCIT2-s8AAAGEBfpDEQ

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMOg2ohl_I3Vu19ucN8E-FM&google_cver=1

Request Chain 95

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9LNESSA-A-M5BP HTTP 302
https://s.amazon-adsystem.com/ecm3?id=L9LNESSA-A-M5BP&ex=d-rubiconproject.com&status=ok

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMo1GxdFBw1qETp-1tdThVM&google_cver=1

Request Chain 97

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/bkER0JnxJFEW6xod9QXnwA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4190231047972475105

Request Chain 99

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UoaWEafUR5mll93TTb7oaw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UoaWEafUR5mll93TTb7oaw

Request Chain 100

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c4963f58-4c67-45bb-bcca-3f446d2c9cec&gdpr=0&gdpr_consent=&expires=30

Request Chain 101

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGZiMzAxZDJiNzIzMzZhMDA3YmM0MDZlOWVkZDY1Zjg5NGVjYWQ0Yw

Request Chain 102

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMTkVTU0EtQS1NNUJQ

Request Chain 103

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9LNESSA-A-M5BP

Request Chain 147

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=XqR0PZR2jXSy-b-BAh8-Qw==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 149

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8bc86355-7f91-4d00-80d5-9819b90bbe95

Request Chain 150

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2387188589106948273&gdpr=0&gdpr_consent=&us_privacy=

174 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request covertail9 Show response
www.empowher.com/users/ 37 KB
12 KB 1383ms
1173ms Document
text/html 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174521645b2f535c99f2e1c681ac39a149510e3920b16c9370e407b923601300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 0
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 75ec54abea9ca968-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Oct 2022 17:53:12 GMT
is-logged-in: False
last-modified: Sun, 23 Oct 2022 17:53:11 +0000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="We do not have a P3P policy."
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8ZA3oxNRxCAYooZ1V6uCM7%2Fvp4AV9%2Bx1Av0JoWGkp39vrte8ry9elmDezcDRWqCSynyCIbWAS4KiUe74XSdcM4ZWkgCa4pqGKrPyuDDI9TBGL1kDd1%2F5BVLeQ4UBdpmLQk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 varnish-v4
x-cache: MISS
x-cacheable: NO: !beresp.cacheable
x-debug-ip: Client IP: Forwarded: 173.245.209.112, 173.245.209.112, 127.0.0.1...
x-drupal-cache: MISS
x-postproc
x-varnish: 1028521299

GET
H2 200 css_d2c0f541cc8b067be9283397975a6af7.css
www.empowher.com/sites/default/files/css/ 326 KB
59 KB 207ms
205ms Stylesheet
text/css 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53649d3c20f6a27387663fddc70fff4333dfd34918b7c24b1cb2d211244cba72

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42007
cf-polished: origSize=338161
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 178.157.93.46, 178.157.93.46, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 30 Jun 2020 18:20:23 GMT
server: cloudflare
etag: W/"5efb8267-528f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLNq2Ya2hEhDo1M%2FYgu%2F14obpVB4VDThEarsn7hj0b0SbSy9CtjHhMGV6pAVbx%2FqT9Di%2FQyKKGMg7Evt0EenOKkks4FuxwqSYHSQn31NhZqLigAU29awo4sHNv1bLKTKgWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 1037340599
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e0ea968-SYD

GET
H2 200 navbar.css
www.empowher.com/sites/all/themes/blackwell/ 9 KB
3 KB 105ms
103ms Stylesheet
text/css 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/navbar.css?N
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c3974fe9fcf3d844b0560a439e6fdad6118dd7a25c418c6a59a991beba3e97

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247189
cf-polished: origSize=11454
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-2cbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2Fvf9suqZNYpAAB6Lsecq%2BCH0ZVcbRuDjcZf8JFRUzfQ0L9tzmNf%2F%2F9A%2BZh3S46hC2Tcb1yK9wVIxfqTT27fz6JLqXrrYhSEDAIvJpiOemdxNuLsvcV%2FQ1UUKwqheXevOoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 898235927
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e10a968-SYD

GET
H2 200 style-user.css
www.empowher.com/sites/all/themes/blackwell/ 38 KB
9 KB 108ms
106ms Stylesheet
text/css 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/style-user.css
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4186b16ec0a11311f90a6a972532452398b44c87ea599b434b8e662ad5c01057

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42007
cf-polished: origSize=47896
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 178.157.93.46, 178.157.93.46, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-bb18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JWOFXbzV8uS0JnrFTQWN2YK1QOImeeArF8weCE%2BeAfYcbj5o20tl1k53Apnhq9FYjljeIWgdW4kbu0SQTRCfXVr3xa1sUxrr3gkRGqoLiarnIX%2B9ElDMrZS3ESmr2EWSEc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 1030209035
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e11a968-SYD

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 677ms
193ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

ESF /

Resource Hash

c0ab4d6f0d376f206927168dcae1f6ede1bd61777ca7b7caa80e89f016ce17ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Oct 2022 17:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 17:53:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Oct 2022 17:53:12 GMT

GET
H2 200 js_d6495b7524174c309854d6517f21d838.js Show response
www.empowher.com/sites/default/files/js/ 108 KB
39 KB 111ms
109ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/default/files/js/js_d6495b7524174c309854d6517f21d838.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3105e6bbf8092f88e7b1b13b3597c9d3915c6670117714280a96ee50da8fec03

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130029
cf-polished: origSize=132517
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 122.56.198.118, 122.56.198.118, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 30 Jun 2020 18:20:22 GMT
server: cloudflare
etag: W/"5efb8266-205a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPsfO8s6iFdflp8nqnUBEg067urf9EWULLQzY4HmWeuLCd4A0tQ9SSs%2Ft1y1Saxo2R68D1CXYCGxv6TGB%2F8pTBvaq6KsCTmz4SFuYV8tihZhv6jOfgT2bvndqTfFBy0xTrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 1034399856
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e13a968-SYD

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ 91 KB
33 KB 675ms
191ms Script
text/javascript 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

sffe /

Resource Hash

8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32984
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 11:39:19 GMT

GET
H2 200 bootstrap.min.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 35 KB
10 KB 108ms
106ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/bootstrap.min.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247189
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-8c6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZ74%2FhgskL8K8iuw0iJneiOUyf9Q%2F4UfTCH%2BVlaN2xqbxWLu8%2BvIGvQx5luSbArEw0WTc2UcgYrCy5K7FksJDNHcE2pNmNRkIztSXAQsuU7eR%2Fl59DK26HO8dmnn%2Bh%2BzVlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 901784306
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e14a968-SYD

GET
H2 200 bootstrap-hover-dropdown.min.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 1 KB
941 B 106ms
104ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/bootstrap-hover-dropdown.min.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d29d000556b37c68c8a38e57ee0b4838d6bc7d2fa656c54dedf5f4ee9b6b005d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247189
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-5d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRn%2FteRwmJoGntkBd9vW1GYuOHUAyPhhZnGEA74gBF9pppczPOIC0rqM0aQLkODp%2BK6EudFtjfdHuUJ22w3Ws2tJ8ZHFCTp2xVUuC0mlJgHrJWaQU98JT9%2BlmlGCKICkHuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 900446238
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e15a968-SYD

GET
H2 200 jquery.scrolldepth.min.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 3 KB
2 KB 105ms
104ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/jquery.scrolldepth.min.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d553f17fdfd8d3a2dd97c541ac3ad2a4a6dcf505305037b8d7d78790cf085b4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247189
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-d51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gai66afxmukCvQmzwTONqNf%2B6UGVNrx3Z%2Bpo2YZBy82vtZCnPlGqefh9t2gllpB6PK%2BS61y2etMbAImYjGdULpqwlwH0soiExl9QX4yWpoErlJVKQxf5pjApRYE9c%2BwnHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 901784315
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e16a968-SYD

GET
H2 200 jquery.tools.min.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 45 KB
17 KB 108ms
107ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/jquery.tools.min.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe4d56a7fc93e6699273e82312b3936906a121bf2f97a43380a153c31a00892

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247189
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-b5d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBKpvdXTF1EEmYL%2Fy1WaE%2BeRYkOs0HYDop7s7oYDf1DxR5UilpKn%2BFKASJKbXenqCSpGWIcepqUwFRPf%2FipiNiDbBO2zaX26VxYDiAZ0IaaVq83NZw%2F9RMNM5CY84LCv4nY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 900446241
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e17a968-SYD

GET
H2 200 emp.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 15 KB
5 KB 106ms
105ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/emp.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 629019c3f248473efe64d5fdbf31209d07d997a5269b16c5e4baeeccbffe6ecf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247189
cf-polished: origSize=23865
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-5d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGoTBsRS%2FU5MT%2Folnn4DO5tsT%2B4IX7Ggx5DJtpRKyJ%2BBF3qomIB0Odd2I6J3mTKFZEXXsNfeTZE%2BKIXZxKxq0LGh3xI4L3WIC5YBNOFUJen2Zev6%2FVoIu3dsWIR0s0wSS4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 901784312
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b34e18a968-SYD

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 1580ms
336ms Script
application/javascript 23.52.112.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.112.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-112-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 23 Oct 2022 17:53:14 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 widget.js Show response
widget.privy.com/assets/ 320 KB
98 KB 314ms
102ms Script
application/javascript 104.22.21.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.privy.com/assets/widget.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.21.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9def4d10c09ec3a4f91bff6bf44a83a1ecc4410ac78d84a50053fb22c35697f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 vegur, 1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
cf-cache-status: HIT
last-modified: Tue, 18 Oct 2022 17:50:51 GMT
server: cloudflare
content-encoding: gzip
x-amz-cf-pop: SYD1-C2
age: 1237
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 75ec54ba29eaaaef-SYD
x-amz-cf-id: zgAJEg76X49gkRSVE-dAAlPfLMNaVZgPIpJMhEQ7AluuAJ9JakNRGw==

GET
H2 200 css_f0163f14e18c27011243a3cee920ebe1.css
www.empowher.com/sites/default/files/css/ 2 KB
1 KB 110ms
109ms Stylesheet
text/css 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/default/files/css/css_f0163f14e18c27011243a3cee920ebe1.css
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3b7e88b3c83dd902ced3b8daaa79f99eec78ccd9002f6b312b65d5aef381f1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247188
cf-polished: origSize=1880
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 30 Jun 2020 18:20:22 GMT
server: cloudflare
etag: W/"5efb8266-758"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQWOFlhHbGdjtHSJKzsIJGicIqIJu%2BFBm5pKLXrW5pmBBBtCFJDrhv%2BsPjC%2BlJRfjutCFGkhXvN1jFOyNJG8MGaLbBg47LGeatrTpLo6XUd8kNmHPLGdMNbHuMj142xOrP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 899672330
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b8f885a968-SYD

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 378ms
105ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 348173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ec54b64e87a886-SYD
expires: Fri, 13 Oct 2023 17:53:12 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 374ms
102ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 5176457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ec54b64e89a886-SYD
expires: Fri, 13 Oct 2023 17:53:12 GMT

GET
H2 200 Untitled%20design-4%20copy%202_0.jpg
www.empowher.com/sites/default/files/herarticle/ 54 KB
55 KB 105ms
102ms Image
image/jpeg 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empowher.com/sites/default/files/herarticle/Untitled%20design-4%20copy%202_0.jpg
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdaac4172371a0d13c66325be74f92f4cb23575f7f8a2781d1d74323f926c720

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14658375
x-cache: MISS
content-length: 55546
x-debug-ip: Client IP: Forwarded: 58.110.6.154, 58.110.6.154, 127.0.0.1...
cf-bgj: h2pri
last-modified: Tue, 30 Jun 2020 19:17:45 GMT
server: cloudflare
etag: "5efb8fd9-d8fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnSF1UO9a63d%2FWGRJ3oYmIDMHvRYYQ%2F7C56a8m0jcLWhN%2BUmxd0dkTnPHWda%2BWk3v%2FDqEk7JUyjh7XzplyVwgkShBl0SvjqURj7tAo5UsMAV%2Bj9%2B6lyYoY%2FEv5vgsfup1OE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 882139960
cache-control: max-age=315360000
x-postproc
accept-ranges: bytes
cf-ray: 75ec54b8f881a968-SYD

GET
H2 200 woman-beach-ball.jpg
www.empowher.com/sites/default/files/avatar_selection/ 15 KB
16 KB 110ms
107ms Image
image/jpeg 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empowher.com/sites/default/files/avatar_selection/woman-beach-ball.jpg
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e2692e2e414ade41180a29a51e87fba6c8a06a03f849d0b5840e57f4586931

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51279
x-cache: MISS
content-length: 15800
x-debug-ip: Client IP: Forwarded: 122.62.133.160, 122.62.133.160, 127.0.0.1...
cf-bgj: h2pri
last-modified: Tue, 02 Jun 2020 19:07:38 GMT
server: cloudflare
etag: "5ed6a37a-3db8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nozipBmSMWaQVh%2F2Q%2FMLQXd3s6LUeryBrleUw64VcoZFSlApZ70CYwMmwdHp77RiWkMM%2BI%2FerHqQPJUm1jOe9eInr0pp926ENLEVYjIHh6shOD9nj1uZuD%2FFI2wR4bLpSaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 1004251242
cache-control: max-age=315360000
x-postproc
accept-ranges: bytes
cf-ray: 75ec54b8f882a968-SYD

GET
H2 200 HONConduct884166_s2.gif
www.honcode.ch/HONcode/Seal/ 2 KB
2 KB 1067ms
353ms Image
image/gif 195.70.1.181
DFINET Geneva

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.honcode.ch/HONcode/Seal/HONConduct884166_s2.gif
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.70.1.181 Geneva, Switzerland, ASN12333 (DFINET Geneva, Switzerland, CH),
Reverse DNS: 181.1.70.195.rev.dfinet.net
Software: nginx /
Resource Hash: fa5278204f6f231236aa7c4734f6a380f4fce3636b8ac041d7aac61b742fc07b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
last-modified: Fri, 01 May 2020 14:55:17 GMT
server: nginx
accept-ranges: bytes
etag: "5eac3855-7ab"
content-length: 1963
content-type: image/gif

GET
H2 200 js_be6465d81f52c8e1262abafddfb6feca.js Show response
www.empowher.com/sites/default/files/js/ 10 KB
3 KB 106ms
106ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/default/files/js/js_be6465d81f52c8e1262abafddfb6feca.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7adf907fdaeb92e7323570e9600071f5cc36b8c11372e0516acb4ce3edf7d3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:12 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4553966
cf-polished: origSize=15633
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 115.189.94.74, 115.189.94.74, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 30 Jun 2020 18:20:23 GMT
server: cloudflare
etag: W/"5efb8267-3d11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecO8wqAceE9YliH6EBUnrPeJ8LMI7hFnhRz16g0jRvdrzR8%2Fha4SMxQVx09IU6f%2B8GtL9Llz1E5%2FJktG%2BQgZfqKpGK9hKmpthe788Vd1IKA3GBDJvj3SMKXTDPypCEft0Wo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 965961048
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b77fc4a968-SYD

GET
H2 200 fivestar.js Show response
www.empowher.com/sites/all/modules/contrib/fivestar/js/ 16 KB
4 KB 1047ms
1044ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/modules/contrib/fivestar/js/fivestar.js?1666547591
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62c53d8848db5c8251b277e9335e317af46c20f9599b69799256d81b4b3a67b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:14 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: MISS
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 173.245.209.112, 173.245.209.112, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-3fd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxKjb05dM%2BUAb5kucj6dPbyZE%2BGT07RjHO6lP8rvxgy%2Bo%2BLAIkTRdgY6hijvq1KnWZdXle7HAYBvlAT4TNDM13jI1ZfUcnJq5hTVFmkq0JETR288kn9lBKlj1lPeEsWqQy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 1022749031
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b8f884a968-SYD

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 291 KB
82 KB 973ms
340ms Script
text/javascript 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CU3J5V33&version=3.1&https=1

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a597cd612de032ce869270484a423e5ce3cb67f0d1bcc295af6b792787242f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 23 Oct 2022 17:53:13 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sun, 23 Oct 2022 18:23:13 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 595ms
197ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 16:55:36 GMT
content-encoding: gzip
via: 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront), 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 16:04:04 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN52-C2
age: 3458
x-amz-server-side-encryption: AES256
etag: W/"b13d25523ad505c18e73c78358e50098"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 8XNqrryVx30ycg35Je6NA8OoFeVCRhHO7IOh9vUMT--EpDsv30tHBw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 575ms
191ms Script
text/javascript 142.251.10.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Oct 2022 16:48:17 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3896
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 23 Oct 2022 18:48:17 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 510 KB
144 KB 1200ms
304ms Script
application/x-javascript 23.72.45.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.72.45.55 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1159500ec113a58c8e68c1889b0d7a4bf551f10c01173442dc90b72c562ccfe6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:14 GMT
Content-Encoding: gzip
x-amz-request-id: HGJXZDV7YZMS584B
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: fCyW1DlTFd6YYEkIOe74ppLT5bSUK+JmfWMHMSZK5Ef/s2ABuzplgKsLIx18LmovxAl430VrS10=
Last-Modified: Thu, 20 Oct 2022 21:57:33 GMT
Server: AmazonS3
ETag: "9e2e60d697f7f675f0225473545f3e1a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 591ms
197ms Script
application/x-javascript 157.240.13.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.19 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-sin6.fbcdn.net

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 23 Oct 2022 17:53:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 26zPvD8jxP0Rz9EdFfkSHDj0RcZcRNjLm8YlUiTcLtCZJOdd+TRtFhouYOSstuqFRS+WoV6IsGh2dbjwxRL8aw==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ad-label-vert.gif
www.empowher.com/sites/all/themes/blackwell/images/ 1 KB
1 KB 102ms
102ms Image
image/gif 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empowher.com/sites/all/themes/blackwell/images/ad-label-vert.gif
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a57b79b77e9b4a9f191413e2e4582b3b09b95f40a7a7f360234d9c7c5103eba

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4553966
x-cache: MISS
content-length: 1152
x-debug-ip: Client IP: Forwarded: 115.189.94.74, 115.189.94.74, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: "5e4c2818-480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GqD1kkwlTH3ygcgXxMJJjT%2BfTWNA%2FbmadR74%2FKoCGNpMw71oMyTYleF2tpp%2FzL%2FU0365jC%2BuKEa3yDcpzhpnrSBQ1bzjHsvQxkIAO19FhSLZH5cww8B4b6s0fwxbjwJmTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-varnish: 968633768
cache-control: max-age=315360000
x-postproc
accept-ranges: bytes
cf-ray: 75ec54b9088da968-SYD

GET
H2 200 icons.png
www.empowher.com/sites/all/themes/blackwell/images/ 21 KB
21 KB 103ms
103ms Image
image/png 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empowher.com/sites/all/themes/blackwell/images/icons.png
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4c26248b227477ac86e55431f1478db8a2bab39352585519b9c7e08d88d4a5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12247115
x-cache: MISS
content-length: 21655
x-debug-ip: Client IP: Forwarded: 203.217.34.110, 203.217.34.110, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: "5e4c2818-5497"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQOAyuwyQoToXNYxQXi8EpUTc85LEjPjjyp0slUN1faIY6b%2FDvJJ6RsxGtt1dGy2IIr%2Bvnakgx%2BmyjVwa%2Ft6%2FjjTU1P2bKtZoBVrnZ6ssjIm2wEkF5gT77has4ib%2BEyerhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 894189185
cache-control: max-age=315360000
x-postproc
accept-ranges: bytes
cf-ray: 75ec54b9088ea968-SYD

GET
H2 200 default-sprite.png
www.empowher.com/sites/all/themes/blackwell/images/ 24 KB
25 KB 105ms
105ms Image
image/png 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empowher.com/sites/all/themes/blackwell/images/default-sprite.png
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701d38f6b8d480f286b457439a8bdb3ce29c5d913c680429754efdb4f8a9562d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12240531
x-cache: MISS
content-length: 24919
x-debug-ip: Client IP: Forwarded: 59.101.139.26, 59.101.139.26, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: "5e4c2818-6157"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8sftR7kqyXxp27TJIhWvmkv0JNVaLldzOpPmH9Xv0BM7OidQ0oDPPMWpsSgrPcKJTEU92plnECdp8HBDg3gjA9LCeZVINsA9BFQCFxq8yZys50EUcY30VLAz9NxvV8LVbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 874824583
cache-control: max-age=315360000
x-postproc
accept-ranges: bytes
cf-ray: 75ec54b9088fa968-SYD

GET
H2 200 ad-label-horz.gif
www.empowher.com/sites/all/themes/blackwell/images/ 116 B
511 B 106ms
106ms Image
image/gif 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empowher.com/sites/all/themes/blackwell/images/ad-label-horz.gif
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a5b84b047c9cc91ed81c5a043634d21df2a87dbb0cac52fa8b972206c8b54f2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 106917
x-cache: MISS
content-length: 116
x-debug-ip: Client IP: Forwarded: 2001:8003:22ff:1701:e514:9021:ec0f:bc10, 2001:8003:22ff:1701:e514:9021:ec0f:bc10, 127.0.0.1...
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: "5e4c2818-74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuXj6ONCQaZ59KowtKpL39TxtpJjsd2U0Yfg12GyS2KYVLwjGbw3F2rcsqCGjwRRv4W70D7rPZCatx32DIsr5HWYIS%2FRgNBrFfYowVZnb4jpV0pKqbB04YlfhGg3H%2FR82Os%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-varnish: 1032418506
cache-control: max-age=315360000
x-postproc
accept-ranges: bytes
cf-ray: 75ec54b90890a968-SYD

GET
H/1.1 200
OK 56941222330676224e000049.js Show response
tag.marinsm.com/serve/ 124 B
530 B 754ms
548ms Script
text/javascript 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/56941222330676224e000049.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:13 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Length: 110
X-Served-By: cache-syd10125-SYD
Server: Cowboy
X-Timer: S1666547593.338529,VS0,VE450
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 571ms
196ms Script
application/x-javascript 157.240.13.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.19 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-sin6.fbcdn.net

Software

Resource Hash

c5bf8156fb0839656e2c5e95f87e0e2d70674ee2c2ba809886161daf6614dca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Oct 2022 17:53:13 GMT
content-md5: NPFWrvTIkyxgXYZHvv3wlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: ytWg3plWzTlyLmC4CgTTBZD4a21pVo3+wjnPwFKiWJoRIqbLRAJjLD/yFy/B9v33CmRJ5SCRaWQGzc6gF9r5NA==
x-fb-trip-id: 548340344
x-fb-content-md5: ab53d1b5970bd808a93b27b67a703361
cross-origin-opener-policy: same-origin-allow-popups
etag: "1801e424a8b8f5abf9c80307eaebe83e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Sun, 23 Oct 2022 17:59:56 GMT

GET
H2 200 jquery.cookie.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 827 B
909 B 182ms
181ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/jquery.cookie.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/js/js_be6465d81f52c8e1262abafddfb6feca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 825bcade67052cde99899ccc90782226d1c1baab39244f26884dae084e7fc021

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6354661
cf-polished: origSize=1535
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 144.168.213.149, 144.168.213.149, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-5ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOq4KtWk4eX89x1gqZWxUwAmsLKFFJqsXbD2eI8b%2BJzRYmhUMXPmCUDhSGhw%2FQ6h%2B6DT6VlQm5Oo1iUUxS0r03iTF6%2BeniXfs4UTPZoSFDBiQV9au3v0%2FQl3Cmb%2BZddaM%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 958798545
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b998c6a968-SYD

GET
H2 200 modals.js Show response
www.empowher.com/sites/all/themes/blackwell/js/ 4 KB
1 KB 183ms
183ms Script
application/javascript 104.26.11.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empowher.com/sites/all/themes/blackwell/js/modals.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/js/js_be6465d81f52c8e1262abafddfb6feca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ce4d077043eb550f778602c3a213aa6e413823b5fe6cc30c4c7928b23694a2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/users/covertail9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 varnish-v4
content-encoding: br
cf-cache-status: HIT
x-cacheable: YES
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4553966
cf-polished: origSize=6409
x-cache: MISS
x-debug-ip: Client IP: Forwarded: 115.189.94.74, 115.189.94.74, 127.0.0.1...
cf-bgj: minify
last-modified: Tue, 18 Feb 2020 18:08:24 GMT
server: cloudflare
etag: W/"5e4c2818-1909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfb17Nv%2BjWQOvQeJR6QrRRx7R7onWNCQbjny8FRWxnXLsBFxWcRu9PmPe4CZUnhjoq699EWtW7TD6zdF1B%2BvNpGhHIBYIXPvxGenxT%2Bo1ujVO469SexWDZybrhJ7%2BvD5nug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 965961066
cache-control: max-age=315360000
x-postproc
cf-ray: 75ec54b998c7a968-SYD

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 573ms
191ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

14a2c91fb720c33b46379b2318e70c953933042617d4360726ddd83386b599d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27388
x-xss-protection: 0
server: sffe
etag: "1372 / 447 of 1000 / last-modified: 1666390088"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Oct 2022 17:53:13 GMT

GET
H2 200 campaigns.json Show response
api.privy.com/businesses/C27276E9A39ACE9B437BA993/ 42 B
615 B 556ms
351ms XHR
application/json 104.22.20.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privy.com/businesses/C27276E9A39ACE9B437BA993/campaigns.json?s=j&l=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&user_uuid=16173db6-7edc-46b4-bcb2-39e9037bf54f&fence=1

Requested by

Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.20.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

085775193a3438660321ef433979fcf52fafcd58fb1d2bd8cec61b0503380111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ipcountry: AU
date: Sun, 23 Oct 2022 17:53:14 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ippostalcode: 2000
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
via: 1.1 vegur
content-encoding: gzip
x-xss-protection: 0
x-request-id: ddaac8e5-3d7c-4632-85be-d6b6f99fd552
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"085775193a3438660321ef433979fcf5"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control: max-age=0, private, must-revalidate
x-ipregion: AU_NSW
cf-ray: 75ec54bcff15dfb9-SYD

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 190ms
190ms Script
text/javascript 142.251.10.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f102.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 23 Oct 2022 18:00:31 GMT

GET
H2 200 870312469679803 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 418ms
417ms Script
application/x-javascript 157.240.13.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/870312469679803?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.13.19 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-sin6.fbcdn.net

Software

Resource Hash

88b7bffe1d13b4c3553ff50398b30638f19b69965a4c56cb92aef1866352d09c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 23 Oct 2022 17:53:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7dTyAaIeG5KFPdAMISl2y/AzMak9qNQv9ZGSb65npACAXCrLd2hiCAI7wW7x7ZqOUMuezaiYu8OFlV3R+JxUIw==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 438ms
438ms XHR
text/plain 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.empowher.com&pubid=3342a50f-f325-41b3-be54-a4f440993552
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:13 GMT
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.empowher.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: QeBIs_mCDPaiBnPTY7_lUL1OuhhqnKljlSyx6ijp8XRDgQEY8pEvog==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 2 KB
2 KB 873ms
479ms XHR
text/javascript 13.35.17.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&pid=iXqA5OCxYaPvN&cb=0&ws=1600x1200&v=22.10.131733&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1429823341605-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2245714857%2FHER_728x90_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1442253528109-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2245714857%2FHER_300xFlex_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1429823341605-2%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%2245714857%2FHER_160x600_Left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1429823341605-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2245714857%2FHER_728x90_Bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1462221522595-0%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x100%22%2C%22300x100%22%5D%2C%22sn%22%3A%2245714857%2FHER_Mobile_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1462221522595-1%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x250%22%5D%2C%22sn%22%3A%2245714857%2FHER_Mobile_Bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1490912742179-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%2245714857%2FHER_300x600_Home%22%7D%5D&pubid=3342a50f-f325-41b3-be54-a4f440993552&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.17.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-17-5.sin5.r.cloudfront.net
Software: Server /
Resource Hash: f76d8f1b667390be2a1859c9fa5ea8f6d97539f295e1c2448a6bea2f694a92d5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:14 GMT
via: 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.empowher.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 1616
x-amz-cf-id: 7LKjqdpZ9eupgiYV1zcd7GPF5SvLgyhTWtFX7iq_fyLSDC50aeae_Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 581ms
193ms XHR
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding: gzip
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
date: Sat, 22 Oct 2022 21:19:09 GMT
x-amz-cf-pop: SIN52-C2
age: 74046
x-cache: Hit from cloudfront
last-modified: Fri, 21 Oct 2022 19:58:26 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Oq0R8ITHlYgJkTcQWRn5Otn_QvnuK-MMhPoDZkwZMSjOxxeED3y3MA==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 307 KB
86 KB 397ms
197ms Script
application/x-javascript 157.240.13.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=a9477b8a10da6f8f631fd47567d97498

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.13.19 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-sin6.fbcdn.net

Software

Resource Hash

0aedcd5a6cd7dd971d727a6e234a77d2ece5fd329be114eadc3d93d9465e96cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.empowher.com/
Origin: https://www.empowher.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Oct 2022 17:53:14 GMT
content-md5: J+yHv81dMHnnvOwlqnwOGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88258
x-fb-rlafr: 0
x-fb-debug: s3rZFp3SnefGjyNPZJ6DeQXwlD1I/lITAQp2GGMH1DxBI5grV2Wu88JOnMSv+DEHE09AYv1+ZdQVu5wRskxX6Q==
x-fb-content-md5: 18dc57a6585775f2343ed9f9b14f73a9
cross-origin-opener-policy: same-origin-allow-popups
etag: "018e8d85911fdefcc6d30a1abc31ecaa"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 23 Oct 2023 15:49:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
447 B 573ms
191ms XHR
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2916861-1&cid=351501688.1666547594&jid=439270147&gjid=1985522401&_gid=1057808277.1666547594&_u=KGBAgAAjCAAAAEAAI~&z=1668411677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empowher.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 23 Oct 2022 17:53:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empowher.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 191ms
190ms Image
image/gif 142.251.10.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1952447678&t=pageview&_s=1&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&ul=en-us&de=UTF-8&dt=covertail9%27s%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAjCAAAAAAAI~&jid=439270147&gjid=1985522401&cid=351501688.1666547594&tid=UA-2916861-1&_gid=1057808277.1666547594&cd1=remnant&cd2=&cd3=&cd4=3856443&cd5=&cd6=1970-01-01&cd7=&cd8=&z=971672009

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 23:57:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64562
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 191ms
191ms Image
image/gif 142.251.10.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1952447678&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&ul=en-us&de=UTF-8&dt=covertail9%27s%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User&ea=Type&el=anonymous%20user&ev=1&_u=KGBAgAAjCAAAAEAAI~&jid=&gjid=&cid=351501688.1666547594&tid=UA-2916861-1&_gid=1057808277.1666547594&z=1768025097

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 23:57:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64562
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 573ms
191ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 01:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Oct 2023 01:29:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 115 B
734 B 573ms
192ms XHR
application/json 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.empowher.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

f9dea05d028fcf02fbb9121411d6c8e86655469ad671feb0716d0846f0f66e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:14 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 580ms
197ms Image
image/gif 172.217.194.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2916861-1&cid=351501688.1666547594&jid=439270147&_u=KGBAgAAjCAAAAEAAI~&z=935618629

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 577ms
194ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2916861-1&cid=351501688.1666547594&jid=439270147&_u=KGBAgAAjCAAAAEAAI~&z=935618629

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 595ms
199ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=870312469679803&ev=PageView&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&rl=&if=false&ts=1666547594541&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666547594541.466079308&it=1666547593868&coo=false&rqm=GET

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Oct 2022 17:53:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame DD9C
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t

293 B
1 KB

311ms
311ms

Document
text/html

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

4635a4a86c801f09194a1bf5ba3c46ec1eabd966dfd8a19f460fdb37300a6564

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.empowher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 293
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 23 Oct 2022 17:53:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FZV9KBY832HEHE33XBSM

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 23 Oct 2022 17:53:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 030CAVV21Z857ARM7MAW

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 195ms
195ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=870312469679803&ev=Microdata&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&rl=&if=false&ts=1666547595044&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22covertail9%27s%20Profile%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22EmpowHER%22%2C%22og%3Atitle%22%3A%22covertail9%27s%20Profile%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22Magnesium%20Deficiency%3A%20A%20Commonly%20Overlooked%20Health%20Issue%20%22%2C%22author%22%3A%22Catherine%20Taylor%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FArticle%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666547594541.466079308&it=1666547593868&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 23 Oct 2022 17:53:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 t Show response
jadserve.postrelease.com/ 115 B
650 B 774ms
244ms Script
text/javascript 54.241.194.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.194.120 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-194-120.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 122
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 577ms
193ms Script
application/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.empowher.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 578ms
195ms Script
application/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.empowher.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 529ms
227ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425981300898606&correlator=3138062559007932&hxva=1&scor=590843828048780&eid=31070495&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=45714857%2CHER_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C320x50%7C300x50&ifi=1&adks=3050673328&sfv=1-0-38&prev_scp=amznbid%3Dqupybk%26amznp%3Dt54lq8%26amzniid%3DJMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a%26amznsz%3D728x90&eri=5&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&sc=1&cookie_enabled=1&abxe=1&dt=1666547595292&dlt=1666547592149&idt=3097&adxs=315&adys=90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&frm=20&vis=1&psz=1570x25&msz=980x20&fws=4&ohw=1570&ga_vid=351501688.1666547594&ga_sid=1666547595&ga_hid=1952447678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

6daa800a9f14a171bce9bb9cf2b244578a4db4866048c79033b2cb66657ccef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10143
x-xss-protection: 0
google-lineitem-id: 4660936461
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232121292
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.empowher.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 538ms
236ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425981300898606&correlator=3138062559007932&hxva=1&scor=590843828048780&eid=31070495&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=45714857%2CHER_300xFlex_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x250%7C300x1050%7C300x600&ifi=2&adks=1706535992&sfv=1-0-38&prev_scp=amznbid%3Dqupybk%26amznp%3Dbdul8g%26amzniid%3DJDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW%26amznsz%3D300x600&eri=5&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&sc=1&cookie_enabled=1&abxe=1&dt=1666547595298&dlt=1666547592149&idt=3097&adxs=1285&adys=162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&frm=20&vis=1&psz=300x35&msz=300x10&fws=4&ohw=300&ga_vid=351501688.1666547594&ga_sid=1666547595&ga_hid=1952447678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

e853f4a567f05b6bbb685f49dd1de673ae348efa5a328ee82ac83fc0fc3c8354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9809
x-xss-protection: 0
google-lineitem-id: 4660936461
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232122648
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.empowher.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 548ms
244ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425981300898606&correlator=3138062559007932&hxva=1&scor=590843828048780&eid=31070495&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=45714857%2CHER_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C320x50%7C300x50&ifi=3&adks=2632463125&sfv=1-0-38&prev_scp=amznbid%3Dqupybk%26amznp%3Dt54lq8%26amzniid%3DJLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj%26amznsz%3D728x90&eri=5&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&sc=1&cookie_enabled=1&abxe=1&dt=1666547595301&dlt=1666547592149&idt=3097&adxs=315&adys=808&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&frm=20&vis=1&psz=1570x20&msz=980x0&fws=4&ohw=1570&ga_vid=351501688.1666547594&ga_sid=1666547595&ga_hid=1952447678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

5ade699031aded0d2243454e2d3fe0e371938e25cd7e87e0b8486e6f8a457a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9799
x-xss-protection: 0
google-lineitem-id: 4660936461
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138232122660
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.empowher.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 579 B
499 B 544ms
242ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425981300898606&correlator=3138062559007932&hxva=1&scor=590843828048780&eid=31070495&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=45714857%2C1x1-anchor-ad-unit&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&adks=2555910128&sfv=1-0-38&eri=5&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&sc=1&cookie_enabled=1&abxe=1&dt=1666547595303&dlt=1666547592149&idt=3097&adxs=0&adys=833&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&frm=20&vis=1&psz=1600x1&msz=1x-1&fws=0&ohw=0&ga_vid=351501688.1666547594&ga_sid=1666547595&ga_hid=1952447678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

3d4ee981afa9fff8433c869d26d5d889d5e54336bbcba0cf02932b8b80160001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.empowher.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 554ms
249ms XHR
text/plain 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=425981300898606&correlator=3138062559007932&hxva=1&scor=590843828048780&eid=31070495&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&iu_parts=45714857%2CHER_1x1_InScreen&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=174130014&sfv=1-0-38&eri=5&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&sc=1&cookie_enabled=1&abxe=1&dt=1666547595304&dlt=1666547592149&idt=3097&adxs=0&adys=834&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&frm=20&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=351501688.1666547594&ga_sid=1666547595&ga_hid=1952447678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

5ef6285bdae45fa27d9cb8f00ca85b4f8d5721cb87241923b8dfce7a4739083a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9763
x-xss-protection: 0
google-lineitem-id: 4640424143
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138230468186
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.empowher.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F668 6 KB
4 KB 576ms
191ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.empowher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 17:53:15 GMT
expires: Mon, 23 Oct 2023 17:53:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 854ms
281ms Script
application/x-javascript 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 23 Oct 2022 17:53:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 9C19F84C300AB21E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=47543
accept-ranges: bytes
content-length: 948
x-amz-id-2: Ra356N8tIoL0n/Q1Pk0o2L06qrqQE5D2z7xBrlWvTT4dvoQSdLidy3QEc6Zsh5SagE6BmbajT6s=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1C9 0
0 195ms
194ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMdIUChmCgIdWpQoP5jjuLodi3oIUtlTRoTUjcmWkMwStYSmIewBV-S2okDJOKufzF6JF-MyXw_eCRJXLgnoyfKeR-SJ4-aIbeP5ly4Npdrn7c50za81mZZafIbQ8y6f09OTgqyNXqmn9iHcfGD0OwkFPw3OB53PZ201LqC3c35zWVTrJjHZWJpUI7nLcdWDoRXhGEXwyo00_QNuyNFoJ-6xfa0Bv-S8hwqJ9LK4tMZSQ1Lv012YN7qwKUjotTOxU4DmLpz_uQMqwvXr77KofHQwOj8nYD47MhIS6Hg7TKBS6AjOAtPqrWJxiLM6rCOyi9mlmK&sai=AMfl-YTYIw6ADGgaY_318EV7__Vs4LPqQM2Yd3PO4aAIEqfTCcPy2hkNWW2AXJYJgOmd5xX3ESeQN8KV0ORkur77HIfWTdXtGzdprfSs1-iYIvI7_Jthg54drZVJiLvitNsIkZOcGA&sig=Cg0ArKJSzP0Xzer51BgyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1C9 152 KB
47 KB 1346ms
1045ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Oct 2022 17:53:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F3C8 0
0 196ms
196ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJuULHCd17sdkvVz5nSvlPfgbLlw9JOe40SeTrbriQ5_iRlxoa-L6JDNPyKfrDEmKdL95m3fMDkoQDVoC-BvX5iwQmENdxrDufyD0xMtQklqvyYmqoPUP18xlqDyH1Y1oHi2yd1n7hmz1tdkyi60xLr9P-w1yfw-iXviq7I6m2K7bIfIe1Usn0IXMJcOxA42Y6YiO3pjKE_os6Rp_uJAzJ1bVw2Siqa5CWUhht6-3-jGbrxIie-gSipN3ttR22etnjunIL1yftAAmjU3rsWOkSPkibvS4SB4oVZdnLep86sy1zoWgWcsQP9aWUkiy9B7tFmonGLw&sai=AMfl-YQqVY08uiVoxLHMg0k89E7ayyqLnQeo_PNGoOn6bHw47rGWxFLeZm9XCRzhBiQciSjkfWF_BgQXZGQifFdNLIkFaBAaPFnv1IMIKvpFhDWwqxs32htkT6z8jzR0pZF3g5vXqYJ3W3vIhPgQeXIDwGM&sig=Cg0ArKJSzBTHlknXVwpzEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3C8 152 KB
46 KB 1709ms
1408ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Oct 2022 17:53:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A38D 0
0 194ms
194ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCUou67oNHR2c3x8UcaYT9T3w3IBcjlpAQzHOQuZRF1L1_WzOXU8TelMVdz3IppGv57zY9gc3fss31YpLhhdvV3jaryrLi_slvslU-ypiHB3B1VNQX_-_S508wdC81rQNbblX1r5RQKs56OkQ_Nxk4JU93HjAHKmOVuYuqMW9ngr9V6w6w9oZaD26SNptALvYN6xdF_QmdrXCvqkQxO9i8o6xLUdupCKwQe22Q0JiKfzNOQja-bJTDl7EQzeGVseXH0M1HP7HJx8JTlUHCicm5ufixGDPBUPZFUINj8E4Uq7zdP1M0zLdAXqWv3Q93hFgToMfL9itz&sai=AMfl-YTkoNYxvdF2CaLnMd3M95ukkDRzk7mHwSwuJcY5b0SyHJQWFuKlU5DkXV604DbYiUokuNQuld8jiIdVInQM3I_dpHtrPeyZ67u2dhtOvFTobDwX7V9-n729VptGPz2Isq49&sig=Cg0ArKJSzCnSD9aKcWAyEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A38D 152 KB
46 KB 1587ms
1286ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Oct 2022 17:53:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAA0 0
0 195ms
194ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyf7PAwsnQq9kCowSGQmDYLrTPdAPYWHJaBhddcvwNN-w09sM-NDic-iXxLYMOfvUmOJhepCfodUqjdPOLKeL2Wl61sBkviS31lB88buIEt5pajSL0qFTv_vq7s1S1qXofMTVYiak3FQYYsWWRO1hA_B6VqrA-PBVVCoiG7Q7NX2fODB64dsWX93hKZuGZU8e8B6dVgZ1y1iwMedH3E74kFo7Q52r7aQ_VNdsHVNrdZ1noiu3fYqAbAHF3qH24Wv_VfvlpaRPgOfWYAkMUCOiuiHgKQvKmJrbWfSKQo4rRyLHsBbsxsxL0fDTI_h2v9LVvgxj_&sai=AMfl-YSuTXz7vKVA7Kv_7iF263s5GWqnoT8YNNLsMsMWCJKqirPTscZXfohNwZh8KEOpP9UCHZBYWqJZKzkhuU_QSVT_V2IWzuAIl21PYwpU77YVrNK8km6q3RHxSDy7_S_Or9yY6Q&sig=Cg0ArKJSzEj5APK01pWaEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:16 GMT

GET
H2 200 services.js Show response
js.gumgum.com/ 105 KB
39 KB 841ms
443ms Script
application/javascript 52.84.251.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-95.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8714be2a868cfbf4f205f3d01f6ee6e1da9ae2babd4f23cf31c7d87bfc6d09cf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:17 GMT
x-amz-version-id: 7RtPSL9Z190gDznlBMyNc_oSVxqiCEPn
content-encoding: gzip
via: 1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
x-amz-meta-version: 3.87.22
x-cache: Miss from cloudfront
x-amz-meta-access-control-allow-origin: *
x-amz-meta-timing-allow-origin: *
last-modified: Mon, 17 Oct 2022 17:15:28 GMT
server: AmazonS3
etag: W/"73be9cdf25c84621cec690f87063add7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
x-amz-cf-id: nEc92hmuI9Yflqr_7HftwImX8xuJZ1qenWaU7cy4tSOIOBqLSNfvVw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAA0 152 KB
46 KB 1409ms
1108ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Oct 2022 17:53:17 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame FB9F 984 B
1 KB 295ms
295ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

00b0bb16de8eae437365efd3da79ec0a5dd7bc7314351d5d440b409be1b87fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_rbd_ox-db5_n-amobee&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 984
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 23 Oct 2022 17:53:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 158KYCGK5TQHHHZMEY72

GET
H3

200

cm Show response
u.openx.net/w/1.0/ Frame E8C5
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

583 B
380 B

295ms
194ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: aac2522d7d4debe282b3deeed6f22a080410ff825829ad6c6fe692ef009b4cc2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 361
content-type: text/html
date: Sun, 23 Oct 2022 17:53:17 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 23 Oct 2022 17:53:16 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 64A0 281 B
554 B 771ms
254ms Document
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 23 Oct 2022 17:53:17 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame DD90
Redirect Chain

https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2387188589106948273

43 B
479 B

298ms
298ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2387188589106948273

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-LoopMe_ox-db5_rbd_n-amobee&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 23 Oct 2022 17:53:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: WS4XQFFE9ZM1W6YVTDHS

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
date: Sun, 23 Oct 2022 17:53:16 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=2387188589106948273
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma: no-cache

GET
H2 204 services Show response
g2.gumgum.com/zones/1837ea27/ 0
247 B 817ms
271ms XHR
text/plain 52.193.163.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/1837ea27/services?dp=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&pu=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&ogu=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fcovertail9&rf=&r=3.87.22&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.22%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=2c21d5dfeb0803379684a4f2d1c24503a7f62e7c&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1666547597200&to=0&vpii=false&vph=1200&vpw=1600
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.163.182 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-163-182.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.empowher.com
date: Sun, 23 Oct 2022 17:53:17 GMT
access-control-allow-credentials: true
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame E8C5 43 B
479 B 299ms
298ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d924827c-215a-8fa0-9483-71a1b935cf19

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 482BMGD4AMQVS80KNAK2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E8C5
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c4963f58-4c67-45bb-bcca-3f446d2c9cec&ttd_puid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0&gdpr_consent=

43 B
62 B

194ms
194ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=c4963f58-4c67-45bb-bcca-3f446d2c9cec&ttd_puid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=c4963f58-4c67-45bb-bcca-3f446d2c9cec&ttd_puid=81f2fe01-3df0-345a-548d-f336d10604f9&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame E8C5
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1V-jcCo8YEAAHKPTgYAAAAA

43 B
106 B

194ms
193ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1V-jcCo8YEAAHKPTgYAAAAA
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 3
Date: Sun, 23 Oct 2022 17:53:17 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":3,"gdpr":false,"ipv4":"173.245.209.112","key":"Y1V-jcCo8YEAAHKPTgYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40217"}
X-SO-Key: Y1V-jcCo8YEAAHKPTgYAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40217
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1V-jcCo8YEAAHKPTgYAAAAA
Cache-Control: private
X-SO-HostName: a-ad40217.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-IP: 173.245.209.112

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame E8C5
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU_QTokakKQMks8ADv_jCIT2-s8AAAGEBfpDEQ

43 B
106 B

194ms
194ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU_QTokakKQMks8ADv_jCIT2-s8AAAGEBfpDEQ
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:18 GMT
via: 1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AU_QTokakKQMks8ADv_jCIT2-s8AAAGEBfpDEQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: vmmbU1RYDAi08bcXROgg9qxm3g-OIm7BipaIwnlmttcm5uddEIWlfg==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E8C5 170 B
262 B 195ms
194ms Image
image/png 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWQ5ZDJkY2ItZjQ4Ny02YWZlLTQxNmQtYTk4ZjFiZTRjYTk5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E8C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMOg2ohl_I3Vu19ucN8E-FM&google_cver=1

43 B
180 B

193ms
193ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMOg2ohl_I3Vu19ucN8E-FM&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMOg2ohl_I3Vu19ucN8E-FM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK admi Show response
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame ACEC 5 KB
3 KB 1452ms
1058ms Document
text/html 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0e069aab9c03d3eba35a1e4e15b2e033b73503e011b5dff0540ea04e77022d80

Request headers

Referer: https://www.empowher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2733
Content-Type: text/html;charset=UTF-8
Date: Sun, 23 Oct 2022 17:53:18 GMT
Server: Server
Vary: Accept-Encoding,User-Agent

GET
H2 200 csm_othersv5.js Show response
c.amazon-adsystem.com/bao-csm/direct/ Frame E1C9 52 KB
17 KB 222ms
221ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: Server /
Resource Hash: ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0WyqeS5SAbZSamKVCpGGgZT.iZuHy6OT
content-encoding: gzip
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
date: Sat, 22 Oct 2022 19:59:08 GMT
server: Server
x-amz-cf-pop: SIN52-C2
x-amz-rid: 0M4BDDHMDXY7RV1V79PF
etag: cea0ea9972e073858d8de90ee4cf862f
age: 78893
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: p9Kw8Nas4ciSqQHzOFl7SA5aqFF3QKKaf8ANGRRJU23OwLIlqtsOpQ==

GET
DATA 200
OK truncated
/ Frame E1C9 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a8f90024e627e1f88232bdb7f177e632cc0086bf8988f51828c048547e8233c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 64A0 32 KB
10 KB 254ms
254ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9946
Connection: keep-alive
Content-Length: 9455
Expires: Sun, 23 Oct 2022 20:39:03 GMT

GET
DATA 200
OK truncated
/ Frame FAA0 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 646a64f97e7ca5c37c5f9f6c0d910117a3ece78225aed53e0a5806caed884c78

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAA0 0
0 497ms
196ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTdR15HHVnsShX_Ki-mT1A3-HOIh0kkOWkFHHfJqjCvTW8fhbKJp34G-cYUrV23N3PS1wTuFGTJ5tr8BhLFUrCbnKkjjop8daX_XXbf5g2drVu8o3bPp7e7NshKAqrXRgKKUGqMmmc3DP5H7QwCCnD3Go4mZeD9cOGILFH6SrCd0RuuquPL7gqiCn3BmoLMH_CT9rlYj60pPX7y5eTT8uZ-Rn-_B45W8sNgiiPOhTfu8S6v1JEyt7M2DsEMnJlYOpDHJOOR73xs43dSwMwvR-gztXyfkHOAF89gaTeJFpF97YFnpwywe03mDusgb_YT6r6zY64CIY&sai=AMfl-YRn4O-WC6OKQ44xAOaNA7Dhm6rZZHV57-DNptszvk_bphiINBeniRKcbwaldT6Jk9Kiy5FpDWrsv3wpzfrRe_6KF3HvhqfsChD6rv1Qc_yUM9GWG9LetvSeelPntyQCdL5Enw&sig=Cg0ArKJSzOz39cQK7VBPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:18 GMT

GET
H/1.1 200
OK admi Show response
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame 9FA6 5 KB
3 KB 1445ms
1052ms Document
text/html 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 89a28fb60cbbf25fd7f1f8954ea448fc92188d83a49b1085a2af13e4f19717f8

Request headers

Referer: https://www.empowher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2744
Content-Type: text/html;charset=UTF-8
Date: Sun, 23 Oct 2022 17:53:19 GMT
Server: Server
Vary: Accept-Encoding,User-Agent

GET
H2 200 csm_othersv5.js Show response
c.amazon-adsystem.com/bao-csm/direct/ Frame A38D 52 KB
17 KB 222ms
221ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: Server /
Resource Hash: ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0WyqeS5SAbZSamKVCpGGgZT.iZuHy6OT
content-encoding: gzip
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
date: Sat, 22 Oct 2022 19:59:08 GMT
server: Server
x-amz-cf-pop: SIN52-C2
x-amz-rid: 0M4BDDHMDXY7RV1V79PF
etag: cea0ea9972e073858d8de90ee4cf862f
age: 78893
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: GLJ_eV9LZ9EcdOYWofn27-SR2jKr2jTo7mv0Ov1g2264iSvnJBkMSw==

GET
DATA 200
OK truncated
/ Frame A38D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e628fd05bb45972a7eda13d94f633c46a08e2a1cc949bf2f18c6544f74db134

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK admi Show response
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame B2BB 4 KB
3 KB 1455ms
1058ms Document
text/html 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a42cb1511e0ecf1b9267ae0c7c447b61b39bbbeabff381358b75fc664e0af969

Request headers

Referer: https://www.empowher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2839
Content-Type: text/html;charset=UTF-8
Date: Sun, 23 Oct 2022 17:53:19 GMT
Server: Server
Vary: Accept-Encoding,User-Agent

GET
H2 200 csm_othersv5.js Show response
c.amazon-adsystem.com/bao-csm/direct/ Frame F3C8 52 KB
17 KB 221ms
219ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: Server /
Resource Hash: ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0WyqeS5SAbZSamKVCpGGgZT.iZuHy6OT
content-encoding: gzip
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
date: Sat, 22 Oct 2022 19:59:08 GMT
server: Server
x-amz-cf-pop: SIN52-C2
x-amz-rid: 0M4BDDHMDXY7RV1V79PF
etag: cea0ea9972e073858d8de90ee4cf862f
age: 78893
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: 5H5T1HNo5FqZvK2I1pRGcxZ0B6LnCr2ZKzj05dL2Cbbj278rvaeiXg==

GET
DATA 200
OK truncated
/ Frame F3C8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6cd42dc30d979bbd002c528b0615c835525058e820fdc3595194af64c157d4f

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 64A0 284 B
921 B 773ms
193ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c80248407eff6cf595ce43a76c04e23f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 64A0
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9LNESSA-A-M5BP
https://s.amazon-adsystem.com/ecm3?id=L9LNESSA-A-M5BP&ex=d-rubiconproject.com&status=ok

43 B
479 B

312ms
311ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=L9LNESSA-A-M5BP&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SS58JEQ5CX9SE0EYJ5RJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=L9LNESSA-A-M5BP&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78008fe701b681dce86a72fc23cacc40
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 64A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMo1GxdFBw1qETp-1tdThVM&google_cver=1

42 B
678 B

768ms
192ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMo1GxdFBw1qETp-1tdThVM&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMo1GxdFBw1qETp-1tdThVM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 64A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/bkER0JnxJFEW6xod9QXnwA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4190231047972475105

42 B
678 B

281ms
193ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4190231047972475105
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 23 Oct 2022 17:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4190231047972475105
content-length: 0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 64A0 43 B
855 B 1573ms
448ms Image
image/gif 52.95.126.138

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.138 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YMAVCGQQEGYKZESKPR9J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 64A0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UoaWEafUR5mll93TTb7oaw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UoaWEafUR5mll93TTb7oaw

43 B
479 B

297ms
296ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UoaWEafUR5mll93TTb7oaw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E7B56M1865YVYM30M4WZ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UoaWEafUR5mll93TTb7oaw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 64A0
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c4963f58-4c67-45bb-bcca-3f446d2c9cec&gdpr=0&gdpr_consent=&expires=30

42 B
678 B

774ms
194ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c4963f58-4c67-45bb-bcca-3f446d2c9cec&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c4963f58-4c67-45bb-bcca-3f446d2c9cec&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGZiMzAxZDJiNzIzMzZhMDA3YmM0MDZlOWVkZDY1Zjg5NGVjYWQ0Yw

170 B
188 B

194ms
193ms

Image
image/png

142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGZiMzAxZDJiNzIzMzZhMDA3YmM0MDZlOWVkZDY1Zjg5NGVjYWQ0Yw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGZiMzAxZDJiNzIzMzZhMDA3YmM0MDZlOWVkZDY1Zjg5NGVjYWQ0Yw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64A0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMTkVTU0EtQS1NNUJQ

170 B
188 B

197ms
196ms

Image
image/png

142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMTkVTU0EtQS1NNUJQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMTkVTU0EtQS1NNUJQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 64A0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9LNESSA-A-M5BP

0
575 B

663ms
324ms

Image
text/plain

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9LNESSA-A-M5BP
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EFC1E8F6EC56447F9F0DFF4AE99A8145 Ref B: SYD03EDGE1615 Ref C: 2022-10-23T17:53:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXrt1mw27SKEPT5swCKKw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9LNESSA-A-M5BP
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200 06dfa228-b317-4fc5-97cb-3adcf8f742c4
beacon-sin1.rubiconproject.com/beacon/d/ Frame ACEC 43 B
378 B 973ms
195ms Image
image/avif 69.173.158.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-sin1.rubiconproject.com/beacon/d/06dfa228-b317-4fc5-97cb-3adcf8f742c4?oo=0&accountId=18020&siteId=191552&zoneId=931770&sizeId=2&e=6A1E40E384DA563B78AAC2AFFA8051A7C15A77530BEED71112F9303DE5229B8893BA61E5387C5DF7115D5705D39B4B37B0966B20783C1F1AB4EC601A3246FD69E04F4F72C928FD57502CF7BA68062B3ED75190367D166F1B3F400AAAF5065AFE374F44A1C5AA04646841304E79AFD358ABD36781645DA92990BB1DDF859762CD70BF54429B3EEC68E83E24FE4B7CA6A2DC4E841718DDB4516CDC5ABEC988D8C6F3517FCCC18F04190306116F5C187A21ECFEF12BC3E28388

Requested by

Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

69.173.158.67 -, , ASN (),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:19 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 35B9BF8456262B97 Show response
pr.ybp.yahoo.com/ab/secure/true/imp/_RsMuIOkKMkj8V0hwmtt9iFhF1EVdV9-9wHe09vYtuiZelfoKgdBLWihA-sLl8SoQQLGOTYiHbrKy3v_kPteKIUU9xalmjCAfCNUf5vIofohRuEolXVqIe_xUg-xt3lryWQ9JFcgjpfstX7pWsiAju7x_glC278sM... Frame ACEC 3 KB
4 KB 603ms
204ms Script
text/javascript 106.10.218.42
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.ybp.yahoo.com/ab/secure/true/imp/_RsMuIOkKMkj8V0hwmtt9iFhF1EVdV9-9wHe09vYtuiZelfoKgdBLWihA-sLl8SoQQLGOTYiHbrKy3v_kPteKIUU9xalmjCAfCNUf5vIofohRuEolXVqIe_xUg-xt3lryWQ9JFcgjpfstX7pWsiAju7x_glC278sMWJwa9_BUBrIrvKV2_d7JO0lHBDrEJxSgZOC0EnAVZjRNXPr5bEJd8OQz8ZF3gQlpeTJjM2Dbj_GdfLIgWB1uZf-n-a8qV5-9FBVmQz7EmGiutaOhx-oy0_7_9BiikqZDUvnVMF7Hg64B5tNFTKz2FfAE1ZzdCng0iOVm_3YlMFPKH5VM65SdettYDuQUsVie3jM0w8U54IeQATRAuQh7o7c6R12wiXZW6zGPPGNJUFfC4nhp-fHtTP4Y9oI7GGzB-xhabA88DSRMvcdm0ctKivMk6q_6stuhuPcUIQy7Hg9nR_9wDs4VHMy8-F-nQ92Aw0rrLRzktNObqaLasfdBrmpVk0ImgWh7tge0l-kJ3oZRTUbFWXT8OSufSSwF9ihzH0DsZJh2uXUFPahYkuq3sBPqEjQYBVj9VRoXe8RbM1uB8WEQ5NlYT4FqKcbv_jZQrPLAdg3ztOPwU0HRrbacQ6mJIBtd-RKk3rkg4oYFSZKevP5eCKrw-fyX9F5443ejuO1iThrq9BeY7w6Ng1uwxFc-gNwwMdzrQIffpxUSyI1t-dcsbSfZ91X4VlT1sQsHG-1kNOmUJeEZkFQbmKYuYdtbmRH3y6o4xpJAfXV4zglCEyIVC8EFiT7hEzFf5ukqOa57Fjc4VvlxVswjOxXsayR-_ehp0HjvIHLMFJ2Jx-P9v6aH4Ogu0tmzx6v8e_nce_g1YRaTDPM4AIMEOt8DZN4ct91fUluvcoS429qBXzMqyZpOMjG5cHtLlOh_W6uGpYi1jPl-E_rfQZGh3Lvu5CKze7ORJ6TqPQu3jL3XzsWnS8iLs17q-PTBgyE6ePi9IuQ7GfevbvzrHpeNFjLmsKCGedEgW28c_ccYIcOCmFqbKCrKboHQP8m_QGsKNW5W1BjtCVLfAMPqxVNONqFAR4xWz6eQhCLjktNju5hqa_2tMTiR-mWR8kTaAExlhs9r04ZX1qtkslgbqTTaMA2nRjzHr8_C6Q8KXH0I9GqwwotWRFyzIRbr2TB2g9RinMXgJxbTKmnM5RbRNo3mvp-srf95SCAB2A2PrN8y96Fo6o2rzKKlV2OEQAg-7OaYQqPtx7i2iEEyjrkaNv5KH5klA01ldy8lraGNBDhJfk6ahHz5UCvcad1p51mnesmvkGxgyVVqkKBjDUYeod2TMKN-ILDQ8DK3LK2IGL134sQVpZHJFicD6Km_Hqrj1tb6l8wGm1YqviMf0viDihQ6ugTTAQ1NfmAjjRa0J0hNEi2nNmq2PsW9R164fH8b-G7K3GORJB7PcvW5tMS3cmJT_O1xecBWmpWOSXReYYsL1eD2FRVg752ydQRxfzMCZtjew_EmrZBsrMifahcxGZU-yCnnGAFFKHXDrVIjJ0wMMPzXhD-OnJKZ0AYKdFRja_8RWUP/wp/35B9BF8456262B97

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.218.42 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

pr-ats-ing.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

4fc4050385b003f8d7a6f5ed9bf0b6c1d2e4b2bdaea8fdc5ffabe312135e4477

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/javascript
expiry: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
content-length: 3336
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame ACEC 0
448 B 539ms
195ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=L9LNEPPN-1H-H6G5
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK imp
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame ACEC 43 B
238 B 208ms
207ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/imp?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&pp=qupybk&isip=1
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:18 GMT
Cache-Control: no-store, max-age=0
Server: Server
Connection: keep-alive
Content-Length: 43
Vary: User-Agent
Content-Type: image/gif

GET
H2 200 csm_view_only.js Show response
c.amazon-adsystem.com/ Frame ACEC 34 KB
35 KB 221ms
220ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/csm_view_only.js
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6XCYqJ9VNCa6zuSYdQhh9eQV97wejFRT
date: Sun, 23 Oct 2022 03:10:48 GMT
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 09:42:35 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 52951
etag: "cf208b3d9fe957abaf7afdfaac0387e9"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 35007
x-amz-cf-id: of-8tnWmsp2LILfKDmayoRZuiwhO06By-ykWAbSuutL_iznek1YF8Q==

GET
H/1.1 200 4794d46c-2d2d-4343-8cd2-9e4306832310
beacon-sin1.rubiconproject.com/beacon/d/ Frame 9FA6 43 B
378 B 736ms
195ms Image
image/avif 69.173.158.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-sin1.rubiconproject.com/beacon/d/4794d46c-2d2d-4343-8cd2-9e4306832310?oo=0&accountId=18020&siteId=191552&zoneId=931770&sizeId=2&e=6A1E40E384DA563B7E480BC40A4536034F661469C5F6784B7E00625446C9F4F4C70BA07F7C2E60AB5B0B45B32888617D6F4B98AE46EF0897F7D278E5A3318F2BE04F4F72C928FD57502CF7BA68062B3ED75190367D166F1B3F400AAAF5065AFE374F44A1C5AA04646841304E79AFD358C836F5F74E85A5BC0F88FC87FE432D4770BF54429B3EEC68E2F1178EB5FEDF73A760C8E927C2290767F7F78AE13DDC755E5D20DB24DC77F50AAA201C7F32B4BE2AED33C80FF7968E

Requested by

Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

69.173.158.67 -, , ASN (),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:19 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 35B9BF8456262B97 Show response
pr.ybp.yahoo.com/ab/secure/true/imp/5EE-dpXNQbzTZiVXdiXAgzyvrytsVUCk0sgxkaObX9bh-dKflAeJS8iJVMLimoQ4waDBhNaubYeejP9LQdOOVBsf60m0fXLq-LraLypidb4-6OUQqZXn2DrKM8ijtovVgOHmuu_Azh-e-NS_RoPchm7iuQN_ueCDP... Frame 9FA6 3 KB
4 KB 500ms
393ms Script
text/javascript 106.10.218.42
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.ybp.yahoo.com/ab/secure/true/imp/5EE-dpXNQbzTZiVXdiXAgzyvrytsVUCk0sgxkaObX9bh-dKflAeJS8iJVMLimoQ4waDBhNaubYeejP9LQdOOVBsf60m0fXLq-LraLypidb4-6OUQqZXn2DrKM8ijtovVgOHmuu_Azh-e-NS_RoPchm7iuQN_ueCDPvvOvUd4IcsdK7fRqmO0l7XFVCpUxgtrhrm7SVcwbDyBumDEY1_X5VL_oP_XNCP0kpQfMo5UM1OZtwIazYoQDSieqLK-RYoUoyiSz04yq41N_wFfrsSsdLxxVxV0PZHJsgeZ7kwO0_cPTMB8D1RzDHqf982vdywYuPZom7ysSMEPsAbFRYKdOxefEC4p42VRs0ljc9JwC-V4hF-p02W3Ge3cpMcpfMrszSaDAwOhrBBroPkD3jADL__Of1xbAupJ1yRcJfoiWdo7f3jbugiISu-jYaI1bdHbhE5blzyW9JlJFEv_T9P5E5Y1k7kDvxPaV0wQy1d3xGpHIwKrV1Nn_QO8P3sX4afJxM6hPkUrfEcuG2e9PbvrbH4wycggkwiUa3bsmn-26VUHTkwiXxhRwE_XcTiFKf8ne4NQrwJfjnBHugvrEpo4JRVCnbvmxHpY5kesJdsDXIf5HKkF5lltuNGzDVDrr6YrnNDqGW2UdcwkUJjGNy5gbHFrTn0pTU4cVrvHjhx7RzgjkgHskraM28NpL6Xqb-hNKKL6RxW2I0tML7Xq2ZsFQsxtwtjLUNguI3vSFhzky2abhwWJMGNZGmpM4wsCzaIpnUYPb1zy75x1ClIIPJCgS5D8NqEvLK_cu86nn8sfTg-CMTNerGh2lGSh_v2cyp1Zy5nJawT0D6tavnerrYJsMVyaLROrO8AOaj0YfNSRGZ9hBNDd4kwtSjEyn-UnSA3VftKYoREBiutjCXafWxg5d1LdDivJX7JKIlnXfaVw9kw7LoB1WPCxQjyZiETtjF6Mcr8k4EFbukmD7VcottYkHHES2uQJdS9Msiy9WHje9Y5D3ahGvm3RPyKIvaKg5wuIO6AdpBIF6TYELPCabNMTJ9lTGpZScxsRf6n7NZKI6S_02Q-35ZZE-ZsiIq88ko4n6URrk6ErEkNgjTPaEloCHaFaELS0CfiPO_eGF8kYngV1_EXpkeS5zf2YtG_qBOG3q6Xg1WrmBqSFugHAJkD9HU-5abHoU3vBiJ5FxQBpHRkve2_cP8b_FELkT6CYaREBhiGLiTmw1l0fJZO9qqybcw0hDAzftco6vgiZ5pjipZGbsx-Yh7xfnnH1R1vzTlCNmLt6wwIdUCVWuP5klo7Xqy2kmIdQD7r0paK0NcOGfikSYJVMjh5DHLv2xFxqBLe2sbfZPYg-m1ayJ1TBQBdwjq0VEPVYDHz0HFpPO7qErvBL9sMrkfLUtKCoZoYCpMRHwTif_yCLMPvV51qCqLw01Sg5RoqZfPIKOKVpJtL9M3sX5n8XyDpJIeWT7nI00NLzhaiLZfd-ew-qPZE1m_vKDAICN5vsmgj9HB862N2XwSop5AwtF9itLNIgWHJmGaNKyG9TMrud3YyLCILw88RFtK_RUFvGDpJWeuTYDhpHIc8/wp/35B9BF8456262B97

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.218.42 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

pr-ats-ing.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

01c99f21455c85f6e0f9132807541d12dd2d41536fbd0a8f20637bb82a36f0a4

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/javascript
expiry: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
content-length: 3322
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame 9FA6 0
448 B 246ms
194ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=L9LNEPPO-1L-3BUT
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK imp
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame 9FA6 43 B
238 B 211ms
210ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/imp?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&pp=qupybk&isip=1
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:19 GMT
Cache-Control: no-store, max-age=0
Server: Server
Connection: keep-alive
Content-Length: 43
Vary: User-Agent
Content-Type: image/gif

GET
H2 200 csm_view_only.js Show response
c.amazon-adsystem.com/ Frame 9FA6 34 KB
35 KB 221ms
220ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/csm_view_only.js
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6XCYqJ9VNCa6zuSYdQhh9eQV97wejFRT
date: Sun, 23 Oct 2022 03:10:48 GMT
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 09:42:35 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 52952
etag: "cf208b3d9fe957abaf7afdfaac0387e9"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 35007
x-amz-cf-id: 362jhib_0da-fakEVJNdAp7tI3mK9A9DurdMagS5WqsunlRTqlkjtg==

GET
H/1.1 200
OK imp
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame B2BB 43 B
238 B 211ms
211ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/imp?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&pp=qupybk&isip=1
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:19 GMT
Cache-Control: no-store, max-age=0
Server: Server
Connection: keep-alive
Content-Length: 43
Vary: User-Agent
Content-Type: image/gif

GET
H2 200 csm_view_only.js Show response
c.amazon-adsystem.com/ Frame B2BB 34 KB
35 KB 231ms
230ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/csm_view_only.js
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6XCYqJ9VNCa6zuSYdQhh9eQV97wejFRT
date: Sun, 23 Oct 2022 03:10:48 GMT
via: 1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 09:42:35 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 52952
etag: "cf208b3d9fe957abaf7afdfaac0387e9"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 35007
x-amz-cf-id: cTnZaLJwjg7MVIs5Mlzx8c8EAucJxnWjlL1LPtH-1YksCW8l9Y-eDQ==

GET
H2 200 AAABhAX6NPhuohZbZDv_fVhPJi3Px88-sEObNg Show response
pr.ybp.yahoo.com/ab/secure/true/imp/0q-n7X6zDWfaXs-OQQGK_b7eYVcpPufyrBrxS_Pr8W7LyklXAiZFqO3PUdnS7dOlZ7ABVleGqnfaZR_9IWvfUskPuFYlwwjolsbwWDugc4zsjffD1Xj4r1zDO6qK5pn2S3Vo22kzqsbsWXCAKntRVk-HMdA7UuAW8... Frame B2BB 3 KB
4 KB 260ms
205ms Script
text/javascript 106.10.218.42
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.ybp.yahoo.com/ab/secure/true/imp/0q-n7X6zDWfaXs-OQQGK_b7eYVcpPufyrBrxS_Pr8W7LyklXAiZFqO3PUdnS7dOlZ7ABVleGqnfaZR_9IWvfUskPuFYlwwjolsbwWDugc4zsjffD1Xj4r1zDO6qK5pn2S3Vo22kzqsbsWXCAKntRVk-HMdA7UuAW872_wzIe3t4fujo7pW4-PbZVc-SYjuPTLVfs5Uj-BGCYHZ4Owa6SUjiZnwmkiVE0lgFmYpJa9p_vuC2qYVDC7Nwj3v4kQJlFThN3l7-TSp5UZXWsVY6tgxWR9Op6qemdbBvya8BQPzQOifXhl8mzKUJQpm6XxVFPgKQ1lusfcrsYeq9dBQ6coHRWM3Brabv0Ck6pLmyU5hVkm2_GbBkhmY7xa-SLlQyeyvHqfIk3NTMo3G7bSRPm0bEJF_kefKi8IpoM0stnL27lB-NCu2O7fDnpPNJ8ZgsjAPBHI_pcalN-OZEcp0mhOEIqtSjNd7dNt3gqiO6YoBgSJ27PHIneuGTSMpy_39tjF2I1oqKbYkIWwuYxQvXF4orRfRXmmi1_amsR5wlZHyk-rIL1O1aS8sS0gRHTDbsC-W95Fs7WtkkMqAwwC2il4cah8qjShaiFirghBv3NzphexXEyX9KB0QwuK-hMsCetw18dwt0etyd5QFINjNZNcfqk4uzEKbCZBxXa-l5HlRyvzHQVoR4lA4Ur0w4V3wUkZXv4_iROTJQV-9PxcjpasMEoi4chBIxPG2bI5jVQfqGHRSIpSsdHdkGWAP91l6SWUVkv7laNDiraZEqVjqYe24E9th12y7zGD7JCDmJ3GtANkEoSYFXSq2WjlJWfRiR4UfbBxY-2fNQVZWMRywNqwY7A9pf-Iw-kZtlCKaKKtvicLcfmi2_bCxK8gLb9qFxPJtLY5kE3NmgJrl1CiGY5uOVNkKeMOqe8nFlgJKPP5Y2qeyXtAhVOBHq4TVchj0gKbBg9cf8VhtpMiIgFFXbeQOxkz61tnl1Wwx_3fLFDNz2QErxLKkq6gW-EyElJZQIAZmaxQY7nJ9EVc5CIKAzYqV2ENEiKph3NqYhRW_6DX82V0Ew33drQNH0AD9dEdvWcjPa5j7SpiZNcb9Hfiwkmx8vX8wGfLHAR0RfCJawfkiWhUXj5Upi__UK8zpwsaOj3x6k8FCJuPlKlX9neF0rRGPo1R74feK6Lw54CplbQ-p3M4j0dSUAq0wbrrk5AyRJTdhch74uiA8uNxt19wcMN4fyyjoucvvihFCUv3WRNgf-BsMkhqso9gj_dJPZ1807aKK99w_PCVnYELeaDLQlEnrr4bw5brpST6GIWzt5P7U0EKlNYkFx0f6kd9GVqTu0wrHyc8SNTJm6_QaLpcRYhYpcYst9Pl8nikPMCL-RmJzTOXp7oU7663i7LWAZuUfygyelJkclXoH28OzeBTM6NpMEfdRqbozjAdpNFEUSEEIPTwkIUmfz-z120e_K0UFAz8GWLAJTua_FG7haDOJa8Jm_SGU0RMqp2_dIo3hkaslk/wp/AAABhAX6NPhuohZbZDv_fVhPJi3Px88-sEObNg

Requested by

Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.218.42 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

pr-ats-ing.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

62e127b1ca9a253499e0ae40a6d473a91b7e679dec727251d62c287d0a86606d

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/javascript
expiry: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
content-length: 3340
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 a9
ox-rtb-asia-southeast1.openx.net/win/ Frame B2BB 43 B
374 B 399ms
196ms Image
image/gif 34.96.111.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox-rtb-asia-southeast1.openx.net/win/a9?p=Y1V_jwAA_eit_2IkGozA_DG2ph3Q5aHOCH_fFw&t=2DAABBgABAAECAAIBAAsAAgAAAZkcGAoyaUU0Qlc5Q1J5HBber7rDnqqKzxQWr827xte1wsf0AQAcFv3jpfG_iKz8nQEW_fHA39r13obiAQAWlP6rtQwVBgAsHBUCABwVAgAcFQIAABwmuqyVgwQVBBUEJrislYMEFsyqlYMEJQIVAqYYFhgWGBYYFhgWGBYYFhwAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWqtqYgAQW_MGbgAQWjsW2gwQWgsW2gwQVGBwUsAkU2AQAFQQmHBYcFhwRNQ4mHAAsLBbv9M2219bY9YkBFsPzyYHN2a_M7gEAFpT-q7UMBiiq2piABBb8wZuABBaCxbaDBBaOxbaDBBgHNTA0NTA2MBbGz04WHCUEFgAYBDEzMTYVApa6iokDESgCT1gMehTYCRTaBAAWAhgDcnRiANwbAogYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQVvdGhlcgCsOBR0cmF2ZWxhc3NvY2lhdGVzLmNvbQAAAA&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e&pmd=1
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.111.110 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
via: 1.1 google
server: Cowboy
vary: Origin
content-type: image/gif
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9ad4jr8d72sqaeg7ida3qoar1h4avoon
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ypd_assemble_html5_ad_v2.js Show response
s.yimg.com/ch/html5/ Frame ACEC 1 KB
1 KB 737ms
199ms Script
application/javascript 119.161.10.12

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js

Requested by

Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/_RsMuIOkKMkj8V0hwmtt9iFhF1EVdV9-9wHe09vYtuiZelfoKgdBLWihA-sLl8SoQQLGOTYiHbrKy3v_kPteKIUU9xalmjCAfCNUf5vIofohRuEolXVqIe_xUg-xt3lryWQ9JFcgjpfstX7pWsiAju7x_glC278sMWJwa9_BUBrIrvKV2_d7JO0lHBDrEJxSgZOC0EnAVZjRNXPr5bEJd8OQz8ZF3gQlpeTJjM2Dbj_GdfLIgWB1uZf-n-a8qV5-9FBVmQz7EmGiutaOhx-oy0_7_9BiikqZDUvnVMF7Hg64B5tNFTKz2FfAE1ZzdCng0iOVm_3YlMFPKH5VM65SdettYDuQUsVie3jM0w8U54IeQATRAuQh7o7c6R12wiXZW6zGPPGNJUFfC4nhp-fHtTP4Y9oI7GGzB-xhabA88DSRMvcdm0ctKivMk6q_6stuhuPcUIQy7Hg9nR_9wDs4VHMy8-F-nQ92Aw0rrLRzktNObqaLasfdBrmpVk0ImgWh7tge0l-kJ3oZRTUbFWXT8OSufSSwF9ihzH0DsZJh2uXUFPahYkuq3sBPqEjQYBVj9VRoXe8RbM1uB8WEQ5NlYT4FqKcbv_jZQrPLAdg3ztOPwU0HRrbacQ6mJIBtd-RKk3rkg4oYFSZKevP5eCKrw-fyX9F5443ejuO1iThrq9BeY7w6Ng1uwxFc-gNwwMdzrQIffpxUSyI1t-dcsbSfZ91X4VlT1sQsHG-1kNOmUJeEZkFQbmKYuYdtbmRH3y6o4xpJAfXV4zglCEyIVC8EFiT7hEzFf5ukqOa57Fjc4VvlxVswjOxXsayR-_ehp0HjvIHLMFJ2Jx-P9v6aH4Ogu0tmzx6v8e_nce_g1YRaTDPM4AIMEOt8DZN4ct91fUluvcoS429qBXzMqyZpOMjG5cHtLlOh_W6uGpYi1jPl-E_rfQZGh3Lvu5CKze7ORJ6TqPQu3jL3XzsWnS8iLs17q-PTBgyE6ePi9IuQ7GfevbvzrHpeNFjLmsKCGedEgW28c_ccYIcOCmFqbKCrKboHQP8m_QGsKNW5W1BjtCVLfAMPqxVNONqFAR4xWz6eQhCLjktNju5hqa_2tMTiR-mWR8kTaAExlhs9r04ZX1qtkslgbqTTaMA2nRjzHr8_C6Q8KXH0I9GqwwotWRFyzIRbr2TB2g9RinMXgJxbTKmnM5RbRNo3mvp-srf95SCAB2A2PrN8y96Fo6o2rzKKlV2OEQAg-7OaYQqPtx7i2iEEyjrkaNv5KH5klA01ldy8lraGNBDhJfk6ahHz5UCvcad1p51mnesmvkGxgyVVqkKBjDUYeod2TMKN-ILDQ8DK3LK2IGL134sQVpZHJFicD6Km_Hqrj1tb6l8wGm1YqviMf0viDihQ6ugTTAQ1NfmAjjRa0J0hNEi2nNmq2PsW9R164fH8b-G7K3GORJB7PcvW5tMS3cmJT_O1xecBWmpWOSXReYYsL1eD2FRVg752ydQRxfzMCZtjew_EmrZBsrMifahcxGZU-yCnnGAFFKHXDrVIjJ0wMMPzXhD-OnJKZ0AYKdFRja_8RWUP/wp/35B9BF8456262B97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:11:40 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: NAWV5FHDJKRP9ZE1
age: 52901
x-amz-server-side-encryption: AES256
x-amz-id-2: iOViL5IkFwwo2xmIsi+NV7J7NZvzRuvL90jj1SfrELX0MYEI06IdePQPns/s0mFFwSrMG6RNltA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Apr 2020 21:31:50 GMT
server: ATS
etag: "4e35383cafebd24c53a0b609c80aa6e9-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 EWipdd44kp.gif
pixel.zprk.io/v5/pixel/ Frame ACEC 35 B
394 B 731ms
193ms Image
image/gif 54.255.143.58

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/EWipdd44kp.gif?ssid=1&adid=
Requested by: Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/_RsMuIOkKMkj8V0hwmtt9iFhF1EVdV9-9wHe09vYtuiZelfoKgdBLWihA-sLl8SoQQLGOTYiHbrKy3v_kPteKIUU9xalmjCAfCNUf5vIofohRuEolXVqIe_xUg-xt3lryWQ9JFcgjpfstX7pWsiAju7x_glC278sMWJwa9_BUBrIrvKV2_d7JO0lHBDrEJxSgZOC0EnAVZjRNXPr5bEJd8OQz8ZF3gQlpeTJjM2Dbj_GdfLIgWB1uZf-n-a8qV5-9FBVmQz7EmGiutaOhx-oy0_7_9BiikqZDUvnVMF7Hg64B5tNFTKz2FfAE1ZzdCng0iOVm_3YlMFPKH5VM65SdettYDuQUsVie3jM0w8U54IeQATRAuQh7o7c6R12wiXZW6zGPPGNJUFfC4nhp-fHtTP4Y9oI7GGzB-xhabA88DSRMvcdm0ctKivMk6q_6stuhuPcUIQy7Hg9nR_9wDs4VHMy8-F-nQ92Aw0rrLRzktNObqaLasfdBrmpVk0ImgWh7tge0l-kJ3oZRTUbFWXT8OSufSSwF9ihzH0DsZJh2uXUFPahYkuq3sBPqEjQYBVj9VRoXe8RbM1uB8WEQ5NlYT4FqKcbv_jZQrPLAdg3ztOPwU0HRrbacQ6mJIBtd-RKk3rkg4oYFSZKevP5eCKrw-fyX9F5443ejuO1iThrq9BeY7w6Ng1uwxFc-gNwwMdzrQIffpxUSyI1t-dcsbSfZ91X4VlT1sQsHG-1kNOmUJeEZkFQbmKYuYdtbmRH3y6o4xpJAfXV4zglCEyIVC8EFiT7hEzFf5ukqOa57Fjc4VvlxVswjOxXsayR-_ehp0HjvIHLMFJ2Jx-P9v6aH4Ogu0tmzx6v8e_nce_g1YRaTDPM4AIMEOt8DZN4ct91fUluvcoS429qBXzMqyZpOMjG5cHtLlOh_W6uGpYi1jPl-E_rfQZGh3Lvu5CKze7ORJ6TqPQu3jL3XzsWnS8iLs17q-PTBgyE6ePi9IuQ7GfevbvzrHpeNFjLmsKCGedEgW28c_ccYIcOCmFqbKCrKboHQP8m_QGsKNW5W1BjtCVLfAMPqxVNONqFAR4xWz6eQhCLjktNju5hqa_2tMTiR-mWR8kTaAExlhs9r04ZX1qtkslgbqTTaMA2nRjzHr8_C6Q8KXH0I9GqwwotWRFyzIRbr2TB2g9RinMXgJxbTKmnM5RbRNo3mvp-srf95SCAB2A2PrN8y96Fo6o2rzKKlV2OEQAg-7OaYQqPtx7i2iEEyjrkaNv5KH5klA01ldy8lraGNBDhJfk6ahHz5UCvcad1p51mnesmvkGxgyVVqkKBjDUYeod2TMKN-ILDQ8DK3LK2IGL134sQVpZHJFicD6Km_Hqrj1tb6l8wGm1YqviMf0viDihQ6ugTTAQ1NfmAjjRa0J0hNEi2nNmq2PsW9R164fH8b-G7K3GORJB7PcvW5tMS3cmJT_O1xecBWmpWOSXReYYsL1eD2FRVg752ydQRxfzMCZtjew_EmrZBsrMifahcxGZU-yCnnGAFFKHXDrVIjJ0wMMPzXhD-OnJKZ0AYKdFRja_8RWUP/wp/35B9BF8456262B97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.143.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:20 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 inside.js Show response
cdn.js7k.com/rq/iv/ Frame ACEC 43 KB
15 KB 736ms
198ms Script
application/javascript 106.10.236.40

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: HGSVM4TRMVPZKRTK
age: 2859
x-amz-server-side-encryption: AES256
content-length: 14353
x-amz-id-2: LIkPCS0AxG3EBEk42WuV6Gsep6cM73wcXtF2o6M3IcQG9Rcfz8PcExImBiEP4+AL5aSQ9q5I8Jg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Sep 2021 15:05:50 GMT
server: ATS
etag: "8ceeaab271ed688991789ed1090cb398-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame ACEC 565 B
816 B 737ms
199ms Image
image/png 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 13:01:28 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: BE7P7H33GRCXGS0J
age: 17513
x-amz-server-side-encryption: AES256
content-length: 565
x-amz-id-2: GX9cjiJ2JVzwgYC49h9pMKkh6ff0sXbGVmpof8lYltYCJ80wVUdE6ppt2B2qZ2+idZkvkpI6DVA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
server: ATS
etag: "349bad1100a940608cb9109eb2b166a2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H2 200 ypd_assemble_html5_ad_v2.js Show response
s.yimg.com/ch/html5/ Frame B2BB 1 KB
681 B 795ms
260ms Script
application/javascript 119.161.10.12

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js

Requested by

Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/0q-n7X6zDWfaXs-OQQGK_b7eYVcpPufyrBrxS_Pr8W7LyklXAiZFqO3PUdnS7dOlZ7ABVleGqnfaZR_9IWvfUskPuFYlwwjolsbwWDugc4zsjffD1Xj4r1zDO6qK5pn2S3Vo22kzqsbsWXCAKntRVk-HMdA7UuAW872_wzIe3t4fujo7pW4-PbZVc-SYjuPTLVfs5Uj-BGCYHZ4Owa6SUjiZnwmkiVE0lgFmYpJa9p_vuC2qYVDC7Nwj3v4kQJlFThN3l7-TSp5UZXWsVY6tgxWR9Op6qemdbBvya8BQPzQOifXhl8mzKUJQpm6XxVFPgKQ1lusfcrsYeq9dBQ6coHRWM3Brabv0Ck6pLmyU5hVkm2_GbBkhmY7xa-SLlQyeyvHqfIk3NTMo3G7bSRPm0bEJF_kefKi8IpoM0stnL27lB-NCu2O7fDnpPNJ8ZgsjAPBHI_pcalN-OZEcp0mhOEIqtSjNd7dNt3gqiO6YoBgSJ27PHIneuGTSMpy_39tjF2I1oqKbYkIWwuYxQvXF4orRfRXmmi1_amsR5wlZHyk-rIL1O1aS8sS0gRHTDbsC-W95Fs7WtkkMqAwwC2il4cah8qjShaiFirghBv3NzphexXEyX9KB0QwuK-hMsCetw18dwt0etyd5QFINjNZNcfqk4uzEKbCZBxXa-l5HlRyvzHQVoR4lA4Ur0w4V3wUkZXv4_iROTJQV-9PxcjpasMEoi4chBIxPG2bI5jVQfqGHRSIpSsdHdkGWAP91l6SWUVkv7laNDiraZEqVjqYe24E9th12y7zGD7JCDmJ3GtANkEoSYFXSq2WjlJWfRiR4UfbBxY-2fNQVZWMRywNqwY7A9pf-Iw-kZtlCKaKKtvicLcfmi2_bCxK8gLb9qFxPJtLY5kE3NmgJrl1CiGY5uOVNkKeMOqe8nFlgJKPP5Y2qeyXtAhVOBHq4TVchj0gKbBg9cf8VhtpMiIgFFXbeQOxkz61tnl1Wwx_3fLFDNz2QErxLKkq6gW-EyElJZQIAZmaxQY7nJ9EVc5CIKAzYqV2ENEiKph3NqYhRW_6DX82V0Ew33drQNH0AD9dEdvWcjPa5j7SpiZNcb9Hfiwkmx8vX8wGfLHAR0RfCJawfkiWhUXj5Upi__UK8zpwsaOj3x6k8FCJuPlKlX9neF0rRGPo1R74feK6Lw54CplbQ-p3M4j0dSUAq0wbrrk5AyRJTdhch74uiA8uNxt19wcMN4fyyjoucvvihFCUv3WRNgf-BsMkhqso9gj_dJPZ1807aKK99w_PCVnYELeaDLQlEnrr4bw5brpST6GIWzt5P7U0EKlNYkFx0f6kd9GVqTu0wrHyc8SNTJm6_QaLpcRYhYpcYst9Pl8nikPMCL-RmJzTOXp7oU7663i7LWAZuUfygyelJkclXoH28OzeBTM6NpMEfdRqbozjAdpNFEUSEEIPTwkIUmfz-z120e_K0UFAz8GWLAJTua_FG7haDOJa8Jm_SGU0RMqp2_dIo3hkaslk/wp/AAABhAX6NPhuohZbZDv_fVhPJi3Px88-sEObNg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:11:40 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: NAWV5FHDJKRP9ZE1
age: 52901
x-amz-server-side-encryption: AES256
content-length: 639
x-amz-id-2: iOViL5IkFwwo2xmIsi+NV7J7NZvzRuvL90jj1SfrELX0MYEI06IdePQPns/s0mFFwSrMG6RNltA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Apr 2020 21:31:50 GMT
server: ATS
etag: "4e35383cafebd24c53a0b609c80aa6e9-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 EWipdd44kp.gif
pixel.zprk.io/v5/pixel/ Frame B2BB 35 B
391 B 729ms
194ms Image
image/gif 54.255.143.58

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/EWipdd44kp.gif?ssid=1&adid=
Requested by: Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/0q-n7X6zDWfaXs-OQQGK_b7eYVcpPufyrBrxS_Pr8W7LyklXAiZFqO3PUdnS7dOlZ7ABVleGqnfaZR_9IWvfUskPuFYlwwjolsbwWDugc4zsjffD1Xj4r1zDO6qK5pn2S3Vo22kzqsbsWXCAKntRVk-HMdA7UuAW872_wzIe3t4fujo7pW4-PbZVc-SYjuPTLVfs5Uj-BGCYHZ4Owa6SUjiZnwmkiVE0lgFmYpJa9p_vuC2qYVDC7Nwj3v4kQJlFThN3l7-TSp5UZXWsVY6tgxWR9Op6qemdbBvya8BQPzQOifXhl8mzKUJQpm6XxVFPgKQ1lusfcrsYeq9dBQ6coHRWM3Brabv0Ck6pLmyU5hVkm2_GbBkhmY7xa-SLlQyeyvHqfIk3NTMo3G7bSRPm0bEJF_kefKi8IpoM0stnL27lB-NCu2O7fDnpPNJ8ZgsjAPBHI_pcalN-OZEcp0mhOEIqtSjNd7dNt3gqiO6YoBgSJ27PHIneuGTSMpy_39tjF2I1oqKbYkIWwuYxQvXF4orRfRXmmi1_amsR5wlZHyk-rIL1O1aS8sS0gRHTDbsC-W95Fs7WtkkMqAwwC2il4cah8qjShaiFirghBv3NzphexXEyX9KB0QwuK-hMsCetw18dwt0etyd5QFINjNZNcfqk4uzEKbCZBxXa-l5HlRyvzHQVoR4lA4Ur0w4V3wUkZXv4_iROTJQV-9PxcjpasMEoi4chBIxPG2bI5jVQfqGHRSIpSsdHdkGWAP91l6SWUVkv7laNDiraZEqVjqYe24E9th12y7zGD7JCDmJ3GtANkEoSYFXSq2WjlJWfRiR4UfbBxY-2fNQVZWMRywNqwY7A9pf-Iw-kZtlCKaKKtvicLcfmi2_bCxK8gLb9qFxPJtLY5kE3NmgJrl1CiGY5uOVNkKeMOqe8nFlgJKPP5Y2qeyXtAhVOBHq4TVchj0gKbBg9cf8VhtpMiIgFFXbeQOxkz61tnl1Wwx_3fLFDNz2QErxLKkq6gW-EyElJZQIAZmaxQY7nJ9EVc5CIKAzYqV2ENEiKph3NqYhRW_6DX82V0Ew33drQNH0AD9dEdvWcjPa5j7SpiZNcb9Hfiwkmx8vX8wGfLHAR0RfCJawfkiWhUXj5Upi__UK8zpwsaOj3x6k8FCJuPlKlX9neF0rRGPo1R74feK6Lw54CplbQ-p3M4j0dSUAq0wbrrk5AyRJTdhch74uiA8uNxt19wcMN4fyyjoucvvihFCUv3WRNgf-BsMkhqso9gj_dJPZ1807aKK99w_PCVnYELeaDLQlEnrr4bw5brpST6GIWzt5P7U0EKlNYkFx0f6kd9GVqTu0wrHyc8SNTJm6_QaLpcRYhYpcYst9Pl8nikPMCL-RmJzTOXp7oU7663i7LWAZuUfygyelJkclXoH28OzeBTM6NpMEfdRqbozjAdpNFEUSEEIPTwkIUmfz-z120e_K0UFAz8GWLAJTua_FG7haDOJa8Jm_SGU0RMqp2_dIo3hkaslk/wp/AAABhAX6NPhuohZbZDv_fVhPJi3Px88-sEObNg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.143.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:20 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 inside.js Show response
cdn.js7k.com/rq/iv/ Frame B2BB 43 KB
14 KB 925ms
391ms Script
application/javascript 106.10.236.40

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: HGSVM4TRMVPZKRTK
age: 2859
x-amz-server-side-encryption: AES256
content-length: 14353
x-amz-id-2: LIkPCS0AxG3EBEk42WuV6Gsep6cM73wcXtF2o6M3IcQG9Rcfz8PcExImBiEP4+AL5aSQ9q5I8Jg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Sep 2021 15:05:50 GMT
server: ATS
etag: "8ceeaab271ed688991789ed1090cb398-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame B2BB 565 B
603 B 786ms
261ms Image
image/png 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 13:01:28 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: BE7P7H33GRCXGS0J
age: 17513
x-amz-server-side-encryption: AES256
content-length: 565
x-amz-id-2: GX9cjiJ2JVzwgYC49h9pMKkh6ff0sXbGVmpof8lYltYCJ80wVUdE6ppt2B2qZ2+idZkvkpI6DVA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
server: ATS
etag: "349bad1100a940608cb9109eb2b166a2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H2 200 ypd_assemble_html5_ad_v2.js Show response
s.yimg.com/ch/html5/ Frame 9FA6 1 KB
677 B 732ms
382ms Script
application/javascript 119.161.10.12

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js

Requested by

Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/5EE-dpXNQbzTZiVXdiXAgzyvrytsVUCk0sgxkaObX9bh-dKflAeJS8iJVMLimoQ4waDBhNaubYeejP9LQdOOVBsf60m0fXLq-LraLypidb4-6OUQqZXn2DrKM8ijtovVgOHmuu_Azh-e-NS_RoPchm7iuQN_ueCDPvvOvUd4IcsdK7fRqmO0l7XFVCpUxgtrhrm7SVcwbDyBumDEY1_X5VL_oP_XNCP0kpQfMo5UM1OZtwIazYoQDSieqLK-RYoUoyiSz04yq41N_wFfrsSsdLxxVxV0PZHJsgeZ7kwO0_cPTMB8D1RzDHqf982vdywYuPZom7ysSMEPsAbFRYKdOxefEC4p42VRs0ljc9JwC-V4hF-p02W3Ge3cpMcpfMrszSaDAwOhrBBroPkD3jADL__Of1xbAupJ1yRcJfoiWdo7f3jbugiISu-jYaI1bdHbhE5blzyW9JlJFEv_T9P5E5Y1k7kDvxPaV0wQy1d3xGpHIwKrV1Nn_QO8P3sX4afJxM6hPkUrfEcuG2e9PbvrbH4wycggkwiUa3bsmn-26VUHTkwiXxhRwE_XcTiFKf8ne4NQrwJfjnBHugvrEpo4JRVCnbvmxHpY5kesJdsDXIf5HKkF5lltuNGzDVDrr6YrnNDqGW2UdcwkUJjGNy5gbHFrTn0pTU4cVrvHjhx7RzgjkgHskraM28NpL6Xqb-hNKKL6RxW2I0tML7Xq2ZsFQsxtwtjLUNguI3vSFhzky2abhwWJMGNZGmpM4wsCzaIpnUYPb1zy75x1ClIIPJCgS5D8NqEvLK_cu86nn8sfTg-CMTNerGh2lGSh_v2cyp1Zy5nJawT0D6tavnerrYJsMVyaLROrO8AOaj0YfNSRGZ9hBNDd4kwtSjEyn-UnSA3VftKYoREBiutjCXafWxg5d1LdDivJX7JKIlnXfaVw9kw7LoB1WPCxQjyZiETtjF6Mcr8k4EFbukmD7VcottYkHHES2uQJdS9Msiy9WHje9Y5D3ahGvm3RPyKIvaKg5wuIO6AdpBIF6TYELPCabNMTJ9lTGpZScxsRf6n7NZKI6S_02Q-35ZZE-ZsiIq88ko4n6URrk6ErEkNgjTPaEloCHaFaELS0CfiPO_eGF8kYngV1_EXpkeS5zf2YtG_qBOG3q6Xg1WrmBqSFugHAJkD9HU-5abHoU3vBiJ5FxQBpHRkve2_cP8b_FELkT6CYaREBhiGLiTmw1l0fJZO9qqybcw0hDAzftco6vgiZ5pjipZGbsx-Yh7xfnnH1R1vzTlCNmLt6wwIdUCVWuP5klo7Xqy2kmIdQD7r0paK0NcOGfikSYJVMjh5DHLv2xFxqBLe2sbfZPYg-m1ayJ1TBQBdwjq0VEPVYDHz0HFpPO7qErvBL9sMrkfLUtKCoZoYCpMRHwTif_yCLMPvV51qCqLw01Sg5RoqZfPIKOKVpJtL9M3sX5n8XyDpJIeWT7nI00NLzhaiLZfd-ew-qPZE1m_vKDAICN5vsmgj9HB862N2XwSop5AwtF9itLNIgWHJmGaNKyG9TMrud3YyLCILw88RFtK_RUFvGDpJWeuTYDhpHIc8/wp/35B9BF8456262B97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 03:11:40 GMT
x-amz-version-id: null
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: NAWV5FHDJKRP9ZE1
age: 52901
x-amz-server-side-encryption: AES256
content-length: 639
x-amz-id-2: iOViL5IkFwwo2xmIsi+NV7J7NZvzRuvL90jj1SfrELX0MYEI06IdePQPns/s0mFFwSrMG6RNltA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Apr 2020 21:31:50 GMT
server: ATS
etag: "4e35383cafebd24c53a0b609c80aa6e9-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 EWipdd44kp.gif
pixel.zprk.io/v5/pixel/ Frame 9FA6 35 B
393 B 545ms
195ms Image
image/gif 54.255.143.58

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/EWipdd44kp.gif?ssid=1&adid=
Requested by: Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/5EE-dpXNQbzTZiVXdiXAgzyvrytsVUCk0sgxkaObX9bh-dKflAeJS8iJVMLimoQ4waDBhNaubYeejP9LQdOOVBsf60m0fXLq-LraLypidb4-6OUQqZXn2DrKM8ijtovVgOHmuu_Azh-e-NS_RoPchm7iuQN_ueCDPvvOvUd4IcsdK7fRqmO0l7XFVCpUxgtrhrm7SVcwbDyBumDEY1_X5VL_oP_XNCP0kpQfMo5UM1OZtwIazYoQDSieqLK-RYoUoyiSz04yq41N_wFfrsSsdLxxVxV0PZHJsgeZ7kwO0_cPTMB8D1RzDHqf982vdywYuPZom7ysSMEPsAbFRYKdOxefEC4p42VRs0ljc9JwC-V4hF-p02W3Ge3cpMcpfMrszSaDAwOhrBBroPkD3jADL__Of1xbAupJ1yRcJfoiWdo7f3jbugiISu-jYaI1bdHbhE5blzyW9JlJFEv_T9P5E5Y1k7kDvxPaV0wQy1d3xGpHIwKrV1Nn_QO8P3sX4afJxM6hPkUrfEcuG2e9PbvrbH4wycggkwiUa3bsmn-26VUHTkwiXxhRwE_XcTiFKf8ne4NQrwJfjnBHugvrEpo4JRVCnbvmxHpY5kesJdsDXIf5HKkF5lltuNGzDVDrr6YrnNDqGW2UdcwkUJjGNy5gbHFrTn0pTU4cVrvHjhx7RzgjkgHskraM28NpL6Xqb-hNKKL6RxW2I0tML7Xq2ZsFQsxtwtjLUNguI3vSFhzky2abhwWJMGNZGmpM4wsCzaIpnUYPb1zy75x1ClIIPJCgS5D8NqEvLK_cu86nn8sfTg-CMTNerGh2lGSh_v2cyp1Zy5nJawT0D6tavnerrYJsMVyaLROrO8AOaj0YfNSRGZ9hBNDd4kwtSjEyn-UnSA3VftKYoREBiutjCXafWxg5d1LdDivJX7JKIlnXfaVw9kw7LoB1WPCxQjyZiETtjF6Mcr8k4EFbukmD7VcottYkHHES2uQJdS9Msiy9WHje9Y5D3ahGvm3RPyKIvaKg5wuIO6AdpBIF6TYELPCabNMTJ9lTGpZScxsRf6n7NZKI6S_02Q-35ZZE-ZsiIq88ko4n6URrk6ErEkNgjTPaEloCHaFaELS0CfiPO_eGF8kYngV1_EXpkeS5zf2YtG_qBOG3q6Xg1WrmBqSFugHAJkD9HU-5abHoU3vBiJ5FxQBpHRkve2_cP8b_FELkT6CYaREBhiGLiTmw1l0fJZO9qqybcw0hDAzftco6vgiZ5pjipZGbsx-Yh7xfnnH1R1vzTlCNmLt6wwIdUCVWuP5klo7Xqy2kmIdQD7r0paK0NcOGfikSYJVMjh5DHLv2xFxqBLe2sbfZPYg-m1ayJ1TBQBdwjq0VEPVYDHz0HFpPO7qErvBL9sMrkfLUtKCoZoYCpMRHwTif_yCLMPvV51qCqLw01Sg5RoqZfPIKOKVpJtL9M3sX5n8XyDpJIeWT7nI00NLzhaiLZfd-ew-qPZE1m_vKDAICN5vsmgj9HB862N2XwSop5AwtF9itLNIgWHJmGaNKyG9TMrud3YyLCILw88RFtK_RUFvGDpJWeuTYDhpHIc8/wp/35B9BF8456262B97
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.143.58 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:20 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 inside.js Show response
cdn.js7k.com/rq/iv/ Frame 9FA6 43 KB
14 KB 744ms
394ms Script
application/javascript 106.10.236.40

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: HGSVM4TRMVPZKRTK
age: 2859
x-amz-server-side-encryption: AES256
content-length: 14353
x-amz-id-2: LIkPCS0AxG3EBEk42WuV6Gsep6cM73wcXtF2o6M3IcQG9Rcfz8PcExImBiEP4+AL5aSQ9q5I8Jg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Sep 2021 15:05:50 GMT
server: ATS
etag: "8ceeaab271ed688991789ed1090cb398-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=14400
accept-ranges: bytes

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 9FA6 565 B
603 B 605ms
256ms Image
image/png 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 13:01:28 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: BE7P7H33GRCXGS0J
age: 17513
x-amz-server-side-encryption: AES256
content-length: 565
x-amz-id-2: GX9cjiJ2JVzwgYC49h9pMKkh6ff0sXbGVmpof8lYltYCJ80wVUdE6ppt2B2qZ2+idZkvkpI6DVA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
server: ATS
etag: "349bad1100a940608cb9109eb2b166a2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H2 200 %7B%22adCsm%22:[%7B%22tld%22:%22www.empowher.com%22%7D,%7B%22ns%22:1666547595864,%22st%22:%221509.10%22,%22re%22:%221732.20%22,%22ldTot%22:%22223.10%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.1...
aax.amazon-adsystem.com/x/px/JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a/ Frame E1C9 43 B
309 B 222ms
201ms Image
image/gif 13.35.17.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax.amazon-adsystem.com/x/px/JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a/%7B%22adCsm%22:[%7B%22tld%22:%22www.empowher.com%22%7D,%7B%22ns%22:1666547595864,%22st%22:%221509.10%22,%22re%22:%221732.20%22,%22ldTot%22:%22223.10%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.10%22,%22ltpq%22:%220.00%22,%22lths%22:%220.10%22,%22ltpm%22:%220.10%22,%22ltdm%22:%220.20%22,%22ltdb%22:%220.00%22,%22csmTot%22:%220.50%22%7D],%22pixelId%22:%22s3v01yb8p8%22,%22ts%22:1666547600101,%22ver%22:%22d-1.20%22%7D?cb=2657935
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.17.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-17-5.sin5.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
via: 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: ryywLSKEzz6C3nwvbwaQoOXeo__FdEOElZPvNncXLrycqhx-6sAW-A==

GET
H2 200 09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html Show response
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/ Frame 9E2D 3 KB
2 KB 196ms
196ms Document
text/html 119.161.10.12

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

940bba0dac8a86b8637cb6a0a7536c79e16b45484e8b010ee934e0b03a8327d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 51127
cache-control: max-age=15552000, public
content-encoding: gzip
content-length: 1410
content-type: text/html
date: Sun, 23 Oct 2022 03:41:15 GMT
etag: "2415c2711e06e2ac17494e3b3bd1c964-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Mon, 01 Aug 2022 04:45:54 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=15552000
vary: Origin, Accept-Encoding
x-amz-id-2: 0FjZ3sCzoSAF6OGEvu9E33I7T7fzNappviwFOhqYC/q32YYUrAiyac15lV/jUFzxdmVJSZ9AyUQ=
x-amz-request-id: ABCMSA7BNS4TYVTN
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html Show response
s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/ Frame E25D 3 KB
2 KB 207ms
207ms Document
text/html 119.161.10.12

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

aa51374fc66fe96f9ce5de40c2ecb6915ed2f433b17ac34e2e0a9ed7beecbd01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 3526371
cache-control: max-age=15552000, public
content-encoding: gzip
content-length: 1623
content-type: text/html
date: Mon, 12 Sep 2022 22:20:31 GMT
etag: "9ffe7217e97d1b0acb39989be9c4b42f-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Mon, 01 Aug 2022 04:31:36 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=15552000
vary: Origin, Accept-Encoding
x-amz-id-2: 43ifIMp5pGqx8zLA8Hg+JS4zwoV35YsOwcMaGUbImGaoUf6Vv3C++VBwSbr/p7/e4Ps967skj3U=
x-amz-request-id: 90QSFE7QFDNG3Y45
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html Show response
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/ Frame 69CA 3 KB
1 KB 204ms
203ms Document
text/html 119.161.10.12

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/ypd_assemble_html5_ad_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

940bba0dac8a86b8637cb6a0a7536c79e16b45484e8b010ee934e0b03a8327d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 51127
cache-control: max-age=15552000, public
content-encoding: gzip
content-length: 1410
content-type: text/html
date: Sun, 23 Oct 2022 03:41:15 GMT
etag: "2415c2711e06e2ac17494e3b3bd1c964-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
last-modified: Mon, 01 Aug 2022 04:45:54 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
strict-transport-security: max-age=15552000
vary: Origin, Accept-Encoding
x-amz-id-2: 0FjZ3sCzoSAF6OGEvu9E33I7T7fzNappviwFOhqYC/q32YYUrAiyac15lV/jUFzxdmVJSZ9AyUQ=
x-amz-request-id: ABCMSA7BNS4TYVTN
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A7E1 281 B
554 B 254ms
254ms Document
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 23 Oct 2022 17:53:20 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
us-u.openx.net/w/1.0/ Frame 855E 503 B
335 B 195ms
194ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: db06c35e3e67606869e26a7ea5a3739f25eef9d87a6877d5193cf8c20704eb08

Request headers

Referer: https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 316
content-type: text/html
date: Sun, 23 Oct 2022 17:53:20 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 9E2D 236 KB
63 KB 893ms
304ms Script
text/javascript 72.247.127.224

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.127.224 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 23 Oct 2022 18:08:21 GMT

GET
H/1.1 200
OK desert_728x90.js Show response
ta0027.s3.ap-southeast-2.amazonaws.com/Desert/ Frame 9E2D 48 KB
48 KB 362ms
122ms Script
application/javascript 52.95.131.38

General

Check archive.org

Show headers Download Go to

Full URL: https://ta0027.s3.ap-southeast-2.amazonaws.com/Desert/desert_728x90.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.38 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 040e9d6cda6133b046fb4b968791eec070a090b64c2b268a497b9e2e5eb03740

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:21 GMT
Last-Modified: Thu, 21 Jul 2022 01:26:42 GMT
Server: AmazonS3
x-amz-request-id: NQB2JW882SP601BH
ETag: "2776823d6bbfcf859b8eea717fd5c449"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 48644
x-amz-id-2: jSiyvUBuFHmtxZUZ3CP7jwRDeBA5nqq0u4GJf6Nfhf2Jc2D5JQlSNkNzEiz6LQCAbAhzuIWqTJ0=

GET
H2 200 %7B%22adCsm%22:[%7B%22tld%22:%22www.empowher.com%22%7D,%7B%22ns%22:1666547595904,%22st%22:%221767.10%22,%22re%22:%221990.10%22,%22ldTot%22:%22223.00%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.0...
aax.amazon-adsystem.com/x/px/JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj/ Frame A38D 43 B
308 B 200ms
200ms Image
image/gif 13.35.17.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax.amazon-adsystem.com/x/px/JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj/%7B%22adCsm%22:[%7B%22tld%22:%22www.empowher.com%22%7D,%7B%22ns%22:1666547595904,%22st%22:%221767.10%22,%22re%22:%221990.10%22,%22ldTot%22:%22223.00%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22lths%22:%220.00%22,%22ltpm%22:%220.10%22,%22ltdm%22:%220.00%22,%22ltdb%22:%220.00%22,%22csmTot%22:%220.40%22%7D],%22pixelId%22:%22wpxz5meom59%22,%22ts%22:1666547600400,%22ver%22:%22d-1.20%22%7D?cb=7688322
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.17.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-17-5.sin5.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:20 GMT
via: 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: z7MVprjSRDm1D0wTCBho9Flvwqau934F8UEKXgEE3tsLi_apnJoFjw==

GET
H2 200 %7B%22adCsm%22:[%7B%22tld%22:%22www.empowher.com%22%7D,%7B%22ns%22:1666547595885,%22st%22:%221826.60%22,%22re%22:%222048.00%22,%22ldTot%22:%22221.40%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.0...
aax.amazon-adsystem.com/x/px/JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW/ Frame F3C8 43 B
308 B 201ms
200ms Image
image/gif 13.35.17.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax.amazon-adsystem.com/x/px/JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW/%7B%22adCsm%22:[%7B%22tld%22:%22www.empowher.com%22%7D,%7B%22ns%22:1666547595885,%22st%22:%221826.60%22,%22re%22:%222048.00%22,%22ldTot%22:%22221.40%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22lths%22:%220.00%22,%22ltpm%22:%220.00%22,%22ltdm%22:%220.00%22,%22ltdb%22:%220.00%22,%22csmTot%22:%220.40%22%7D],%22pixelId%22:%22koz5d00lto%22,%22ts%22:1666547600442,%22ver%22:%22d-1.20%22%7D?cb=6854375
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.17.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-17-5.sin5.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
via: 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: HS82f9bga9DbV2MK_4Lli0_yKwCeIF1JfSeLdENyxj3RH0ZDNupI2w==

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame E25D 236 KB
63 KB 1061ms
559ms Script
text/javascript 72.247.127.224

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.127.224 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 23 Oct 2022 18:08:21 GMT

GET
H/1.1 200
OK new-york_300x600.js Show response
ta0027.s3.ap-southeast-2.amazonaws.com/New-York/ Frame E25D 51 KB
51 KB 315ms
118ms Script
application/javascript 52.95.131.38

General

Check archive.org

Show headers Download Go to

Full URL: https://ta0027.s3.ap-southeast-2.amazonaws.com/New-York/new-york_300x600.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.38 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48ef4b934d344f017714a7b8f3026e57d636636f882b9bc6cef2aec7b83f2487

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:21 GMT
Last-Modified: Wed, 20 Jul 2022 22:45:11 GMT
Server: AmazonS3
x-amz-request-id: NQB6PQCDT8JWB3C1
ETag: "82da1fe03ecdacd7df203f54abdd22ae"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 51864
x-amz-id-2: lTBKc0QvCmtl6RBYjs3Rx3mWuSq67klxQDXUcphf8VkJFtTwM/Ug0E58C2t7YPyzBymp0CtRDYc=

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame EFA8 281 B
554 B 283ms
282ms Document
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Requested by: Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 23 Oct 2022 17:53:20 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 69CA 236 KB
63 KB 961ms
559ms Script
text/javascript 72.247.127.224

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.127.224 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sun, 23 Oct 2022 18:08:21 GMT

GET
H/1.1 200
OK desert_728x90.js Show response
ta0027.s3.ap-southeast-2.amazonaws.com/Desert/ Frame 69CA 48 KB
48 KB 321ms
124ms Script
application/javascript 52.95.131.38

General

Check archive.org

Show headers Download Go to

Full URL: https://ta0027.s3.ap-southeast-2.amazonaws.com/Desert/desert_728x90.js
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.38 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 040e9d6cda6133b046fb4b968791eec070a090b64c2b268a497b9e2e5eb03740

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:21 GMT
Last-Modified: Thu, 21 Jul 2022 01:26:42 GMT
Server: AmazonS3
x-amz-request-id: NQBC4TJ04N802J2T
ETag: "2776823d6bbfcf859b8eea717fd5c449"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 48644
x-amz-id-2: R9SScBnHqO6MSAdqZVfjoJcceb4ROwKu+f98UpVzVzndLVjONTO6ZOAMPlZ5dXKQTKHxdS5+Shk=

GET
H2 200 15359845-ad5c-a613-655a-e5c32e51c9b0
pr-bh.ybp.yahoo.com/sync/openx/ Frame 855E 43 B
601 B 203ms
203ms Image
image/gif 52.77.4.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/15359845-ad5c-a613-655a-e5c32e51c9b0?gdpr=0

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.4.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-4-205.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET openx
cs.nex8.net/cs/ Frame 855E 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame 855E
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=XqR0PZR2jXSy-b-BAh8-Qw==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
64 B

293ms
193ms

Image
image/gif

35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e
Protocol: H3
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: f3irppv1hqpr7hkhc8s5snp1hb041ch4

Redirect headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 855E 43 B
243 B 878ms
265ms Image
image/gif 202.131.200.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.131.200.84 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:21 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 855E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8bc86355-7f91-4d00-80d5-9819b90bbe95

43 B
61 B

193ms
192ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8bc86355-7f91-4d00-80d5-9819b90bbe95
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 23 Oct 2022 17:53:21 GMT
Server: MT3 4539 98cc2da master hkg-pixel-x17 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=8bc86355-7f91-4d00-80d5-9819b90bbe95
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 23 Oct 2022 17:53:20 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 855E
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2387188589106948273&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

194ms
193ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2387188589106948273&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=a2bf9d7a-e644-4ead-a00a-7c3fd53db43e
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Oct 2022 17:53:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2387188589106948273&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 23 Oct 2022 17:53:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A7E1 32 KB
10 KB 283ms
282ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9943
Connection: keep-alive
Content-Length: 9455
Expires: Sun, 23 Oct 2022 20:39:03 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame EFA8 32 KB
10 KB 282ms
282ms Script
text/html 23.9.185.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-185-218.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 17:53:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9943
Connection: keep-alive
Content-Length: 9455
Expires: Sun, 23 Oct 2022 20:39:03 GMT

POST
H2 200 yv
beap-bc.yahoo.com/ Frame ACEC 43 B
78 B 202ms
199ms Ping
image/gif 106.10.236.40

General

Check archive.org

Show headers Download Go to

Full URL

https://beap-bc.yahoo.com/yv?sek=9201001541173114467:1666547594446&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=Pi9QDaXZ9kLSsZ1VYmrFCAPZfoZgvvNlP7G280LRtrq-sykOzieUZMP8s9CprMDECsm9-D8u49dBDpJ4Ii8xHZI5W3pfDAM80iaFu3N619_nSwtyYaqKXzMuBeDfOr2UL6YTNgEdm6U7V8M3yua6RKUCWY8IVasQJJavOkq5AmgAVz9e7uFMChieFLbbbIA-U4hH7uQ8VPcxZjWlLRJxK3aslWzBg2MECg6A93WaVOk&iv=99&v=1&m=2&r=1666547601399&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7

Requested by

Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
strict-transport-security: max-age=15552000
accept-charset: utf-8
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, private
content-length: 43
x-xss-protection: 1; mode=block

POST
H2 200 yv
beap-bc.yahoo.com/ Frame B2BB 43 B
768 B 201ms
199ms Ping
image/gif 106.10.236.40

General

Check archive.org

Show headers Download Go to

Full URL

https://beap-bc.yahoo.com/yv?sek=3378551179263438379:1666547594444&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=2nnsu36y1JEXDPLocBuOGw_ds1k05IeYUuLb8g8aAv4mdqlrg8wrZp7TT1wrsA5Nl0bFUhgqnL1gCawrhOlSEdQTMGvnEXY60u1moKsrwk5KBIwAqDfsBn8su0HPxS7sWN8UgVlPqagjMy9FFIU4f01jvVsIvyf25mTuRPdu-a8v0sMYaOfjhwSMHYsm3yF7zER3iAPbbWVeG7tM3gfJU1lJwz3GVH-hNp3Fw_RGr0c&iv=100&v=1&m=2&r=1666547601400&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7

Requested by

Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.40 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
strict-transport-security: max-age=15552000
accept-charset: utf-8
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, private
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 Flare_02.png
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/ Frame 9E2D 23 KB
23 KB 196ms
195ms Image
image/png 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/Flare_02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

3e15633a3d6daa4e87c450b066f5d72a09f843f2059b1430a08a94a886d8d741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 08:05:16 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: 316E9NCKCRE3C209
age: 3750487
x-amz-server-side-encryption: AES256
content-length: 23086
x-amz-id-2: HU6HdIUWdZsASn/H+KOFHfHQhz9JbIF+WNVCpvcA4psLZPcFRj5CQk9u0bPnogYLDKqN7JbK7GA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 04:45:54 GMT
server: ATS
etag: "8824a1ab026aeec9e7abb99ab2d9a7a5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E1C9 0
0 197ms
196ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqH74ZL6N9qT0Uwi-GRcIkZgZyLK6T7zbiwzsWdZunP_BPoAuMbSUZraiXvsUYzMKlsIY0mGZNi0e9z9HqcgoLoY_oNZ2LCt5gIh6F1O4QIxWY38xutKWEs0gbTYyHd0ZlxksGu4vqWSlJbsYb23auUnjZRZ1R2bgxcJP4ZCVDRAMOrOtnWlFx9xTisHh3lm-289Ad6jozQjmnsA1SYalmOcLwxufjkQ5X7k9GxL5LEguh1oY8B_-LVoZhAdLqgYc7NwaNFHnxwZHvphyr13VvPbu4Z5coUh8AySGn50pezOWXcUV2hchul4ID4UQrBepfEw4Xy3o&sai=AMfl-YRa2gBaMZWRX3XwD8JwI7edgrWZ5sgynCLjMkRm2qhkPx72XbGMKnbeaQOKPHyXfhtFkT7u1EYrC-_HTAyehjtekq0QM8s-LTsPOt7Z7eEm1Pd1BK1TO4fcF2JxMr-aZ15Nbg&sig=Cg0ArKJSzMpODRr3cUGkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:21 GMT

GET
H/1.1 200
OK %7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:91,%22aw%22:728,%22ttv%22:2.79,%22ts%22:1666547601615,%22bn%22:false,%22pixelId%22:%22r90cxpjwtz%22,%22ver%...
aax-fe-sin.amazon-adsystem.com/x/px/JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a/v/ Frame ACEC 43 B
245 B 203ms
202ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/x/px/JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:91,%22aw%22:728,%22ttv%22:2.79,%22ts%22:1666547601615,%22bn%22:false,%22pixelId%22:%22r90cxpjwtz%22,%22ver%22:%22r-1.30%22%7D?cb=6780159
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:21 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK %7B%22atf%22:true,%22f%22:0.99,%22vs%22:%22visible%22,%22ah%22:91,%22aw%22:728,%22ts%22:1666547601615,%22bn%22:false,%22pixelId%22:%22r90cxpjwtz%22,%22ver%22:%22r-1.30%22%7D
aax-fe-sin.amazon-adsystem.com/x/px/JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a/atf/ Frame ACEC 43 B
245 B 201ms
200ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/x/px/JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a/atf/%7B%22atf%22:true,%22f%22:0.99,%22vs%22:%22visible%22,%22ah%22:91,%22aw%22:728,%22ts%22:1666547601615,%22bn%22:false,%22pixelId%22:%22r90cxpjwtz%22,%22ver%22:%22r-1.30%22%7D?cb=1926954
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JMC_VJm2EME-E522__wpqSkAAAGEBfo1ngUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA3xT2a&rnd=7359936628671666547595875&pp=qupybk&p=t54lq8&crid=2974:5045116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:21 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 Flare_01.jpg
s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/images/ Frame E25D 7 KB
7 KB 197ms
196ms Image
image/jpeg 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/images/Flare_01.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

05824f0dc408385982fa56c09812fc3aa5f13f2f734fc99decfe956a88498dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 14:33:50 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: 71J1Z4RPWNB535E6
age: 2344773
x-amz-server-side-encryption: AES256
content-length: 7351
x-amz-id-2: LHTC1NyoBNB3pKue5JLTuQ/NLbbCm7elm4Uho+eAS4SEEALyUT2JyOsHcn9G+e795I29xHOfQYA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 04:31:35 GMT
server: ATS
etag: "a8a0eb3af7db02d0e5f85c21225763ba"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/jpeg
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F3C8 0
0 195ms
195ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhBjqyXqkANeZRExGd5Y7etCJf1yb-mTp5JXHWmEOTsgoDPMPEgRm7ThvtaPn4JHoGlqILsf_y6Trzguax6jfn1OsNw5WfYw3LlEUUr0mLJRXtEpiHSsKBOeHBPhqjvfRbI7NqaVYFW0oBlp1b3t7laU4IX-vC08hII31ggxbSAq6dZ9JrdtiWrk37Mo-EcMWCOLH_ahD23abpbjNmTJoZ-sKnXSORI3NwFyl_3jUh7bZgrbIFvEsBPbcmSAy7PBWfZJ1jNL6mGufTMAat1ghYiSoMlMwntmD2QXd8sYe9X05ASOWr_Z_Iuq4jkaNxg942yjhGsoqm&sai=AMfl-YTX4e0FvgJFWrkwfMxC5Pt8aGAaFkolpaTWU3V1refpT7ZbFmhJpQWUadlt8JuXDDkcrZwmH_UBhJ30H7aNEcC2TCWYnMaBYmrX24ViOpKPKbdyIo5O4wbqC71EpDRPFSHAmf_XUmmrTemNLGRwkbA&sig=Cg0ArKJSzNLE7rzf3esYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:21 GMT

GET
H/1.1 200
OK %7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:601,%22aw%22:300,%22ttv%22:2.7,%22ts%22:1666547601865,%22bn%22:false,%22pixelId%22:%22xlbc6q5nxbe%22,%22ver...
aax-fe-sin.amazon-adsystem.com/x/px/JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW/v/ Frame B2BB 43 B
245 B 204ms
204ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/x/px/JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:601,%22aw%22:300,%22ttv%22:2.7,%22ts%22:1666547601865,%22bn%22:false,%22pixelId%22:%22xlbc6q5nxbe%22,%22ver%22:%22r-1.30%22%7D?cb=2968760
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:21 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK %7B%22atf%22:true,%22f%22:1,%22vs%22:%22visible%22,%22ah%22:601,%22aw%22:300,%22ts%22:1666547601865,%22bn%22:false,%22pixelId%22:%22xlbc6q5nxbe%22,%22ver%22:%22r-1.30%22%7D
aax-fe-sin.amazon-adsystem.com/x/px/JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW/atf/ Frame B2BB 43 B
245 B 200ms
200ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/x/px/JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW/atf/%7B%22atf%22:true,%22f%22:1,%22vs%22:%22visible%22,%22ah%22:601,%22aw%22:300,%22ts%22:1666547601865,%22bn%22:false,%22pixelId%22:%22xlbc6q5nxbe%22,%22ver%22:%22r-1.30%22%7D?cb=2505963
Requested by: Host: www.empowher.com
URL: https://www.empowher.com/users/covertail9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JDLSFNo50A5ActQr2qWC-FEAAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICCBDiPW&rnd=2682420845261666547595895&pp=qupybk&p=bdul8g&crid=5045060
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:21 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 Flare_02.png
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/ Frame 69CA 23 KB
23 KB 196ms
195ms Image
image/png 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/Flare_02.png

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

3e15633a3d6daa4e87c450b066f5d72a09f843f2059b1430a08a94a886d8d741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 08:05:16 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: 316E9NCKCRE3C209
age: 3750488
x-amz-server-side-encryption: AES256
content-length: 23086
x-amz-id-2: HU6HdIUWdZsASn/H+KOFHfHQhz9JbIF+WNVCpvcA4psLZPcFRj5CQk9u0bPnogYLDKqN7JbK7GA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 04:45:54 GMT
server: ATS
etag: "8824a1ab026aeec9e7abb99ab2d9a7a5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A38D 0
0 194ms
194ms Fetch
image/gif 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPS_NMU-muoPOJc-jVCfRQDyjW6U6MHYPL_IeVvnbGt7c_oCMOSX1Q38IDbNQ_aLIcbiY4lNL07AGGFXBrqUX7GzTAlHgg9lijGEuYn2zLOMvpE6pH_yXxvg1_S33LEycAGqflTGwTbXP140qzWgb1c1gVOvYHuMqsRk8a70JbNIGf0cmtvE74wOb68w22-pJ5hc0hEZhDZhpqlOhI4I0QO9AXHQy4lC5WC0PQ-Qjy_bsOVydrFCAEcB4gXWmusJGa7eDeGbtK3BabTTW11BYERHDngKzYhs5b73iKTPAy5CM9PZ81U8cBf59cFw85HDh6z0Dmjji0pYc&sai=AMfl-YSIFk1fZ-rXT4EXPCxEiqmvy_vFvEbauH8YSbk533ksUWYdaK7HJbLIcqyd0KAP9-waqQ9MeKYaTTqkpJuiLIMY4duFWxd0pI74CWeAz1ZNncr_kY7OwwryHYDrO4wCLwjf&sig=Cg0ArKJSzCNDuErZVt0IEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.empowher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 17:53:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Oct 2022 17:53:22 GMT

GET _ate.track.config_resp
v1.addthisedge.com/live/boost/ra-4fff53e0007f7bfc/ 0
0

GET 300lo.json
m.addthis.com/live/red_lojson/ 0
0

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame C8D7 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 29C7 71 KB
26 KB 346ms
346ms Document
text/html 23.52.112.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.112.115 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-112-115.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.empowher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26419
content-type: text/html
date: Sun, 23 Oct 2022 17:53:22 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET
H/1.1 200
OK %7B%22atf%22:false,%22f%22:0,%22vs%22:%22visible%22,%22ah%22:91,%22aw%22:728,%22ts%22:1666547601987,%22bn%22:false,%22pixelId%22:%22jslaz9u5y2p%22,%22ver%22:%22r-1.30%22%7D
aax-fe-sin.amazon-adsystem.com/x/px/JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj/atf/ Frame 9FA6 43 B
245 B 200ms
200ms Image
image/gif 52.119.187.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-fe-sin.amazon-adsystem.com/x/px/JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj/atf/%7B%22atf%22:false,%22f%22:0,%22vs%22:%22visible%22,%22ah%22:91,%22aw%22:728,%22ts%22:1666547601987,%22bn%22:false,%22pixelId%22:%22jslaz9u5y2p%22,%22ver%22:%22r-1.30%22%7D?cb=9260198
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.187.0 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JLUqKgocwTnf_NA6KMihuK0AAAGEBfo1nwUAAAJYAQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICB8N-Qj&rnd=7708285815651666547595913&pp=qupybk&p=t54lq8&crid=2974:5045116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 23 Oct 2022 17:53:22 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43

GET
H2 200 Purple_01.jpg
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/ Frame 9E2D 9 KB
9 KB 195ms
195ms Image
image/jpeg 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/Purple_01.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

f921604918685b78e5110b340d4a87ed4031afb73620d063982ff83990f01f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:40:20 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: F90P6VD43YFBA439
age: 6329584
x-amz-server-side-encryption: AES256
content-length: 9509
x-amz-id-2: JjyfdSTS3j+4tAK5//AI4jGjoxS8q6Q8Fo3Y6+9gEX+C7VpI6ZT5Mw4XeD8CbLWXr+px7R1naig=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 04:45:54 GMT
server: ATS
etag: "e8f1e24677bbb89708140d4933042641"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/jpeg
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H2 200 Flare_02.png
s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/images/ Frame E25D 23 KB
23 KB 196ms
196ms Image
image/png 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/images/Flare_02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

3e15633a3d6daa4e87c450b066f5d72a09f843f2059b1430a08a94a886d8d741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/6a3e0d92-62c6-4b90-8c36-32baadd94ef9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:08:20 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: N4BJCMBJV6JFJ5Y0
age: 506704
x-amz-server-side-encryption: AES256
content-length: 23086
x-amz-id-2: WFF6lyBnn+HGImV/QWTco/sTEhWcIoKMBwxr2BpmssOm92XmuFqvd8ekIGLJYtJ4iBBtffXHM40=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 04:31:36 GMT
server: ATS
etag: "8824a1ab026aeec9e7abb99ab2d9a7a5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
cache-control: max-age=15552000, public
accept-ranges: bytes

GET
H2 200 Purple_01.jpg
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/ Frame 69CA 9 KB
9 KB 196ms
195ms Image
image/jpeg 119.161.10.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/Purple_01.jpg

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.12 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

f921604918685b78e5110b340d4a87ed4031afb73620d063982ff83990f01f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/09c7824d-07e9-47ae-a4dc-e5a3fb09ca55.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:40:20 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: F90P6VD43YFBA439
age: 6329584
x-amz-server-side-encryption: AES256
content-length: 9509
x-amz-id-2: JjyfdSTS3j+4tAK5//AI4jGjoxS8q6Q8Fo3Y6+9gEX+C7VpI6ZT5Mw4XeD8CbLWXr+px7R1naig=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 01 Aug 2022 04:45:54 GMT
server: ATS
etag: "e8f1e24677bbb89708140d4933042641"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/jpeg
cache-control: max-age=15552000, public
accept-ranges: bytes

GET Scene_01.jpg
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/ Frame 9E2D 0
0

GET Purple_01.jpg
s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/images/ Frame E25D 0
0

GET Scene_01.jpg
s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/ Frame 69CA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Domain: v1.addthisedge.com
URL: https://v1.addthisedge.com/live/boost/ra-4fff53e0007f7bfc/_ate.track.config_resp

Domain: m.addthis.com
URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63557f8b9ef21df8&bkl=0&bl=1&pdt=1389&sid=63557f8b9ef21df8&pub=ra-4fff53e0007f7bfc&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.empowher.com&fp=users%2Fcovertail9&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1666547601963&jsl=129&uvs=63557f8bc0fe4614000&skipb=1&callback=addthis.cbs.jsonp__98039436451175850

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Domain: s.yimg.com
URL: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/Scene_01.jpg

Domain: s.yimg.com
URL: https://s.yimg.com/ch/html5/7d89d7bf-2a66-4e1c-bd65-603556f6f3a2/images/Purple_01.jpg

Domain: s.yimg.com
URL: https://s.yimg.com/ch/html5/9b5315cc-2ed3-4f2f-86ff-94630fed922b/images/Scene_01.jpg

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.empowher.com/users	1969-12-31 23:59:59	Name: ntvSession Value: {}
www.empowher.com/	1970-01-20 15:41:23	Name: poll-10444745 Value: 173.245.209.112-754741064
.empowher.com/	1970-01-20 07:29:07	Name: SESSce6bccc42be748aec24dd90a6cb095af Value: b9202cd5861e7da6e6bd69b4d3e948a7
.empowher.com/	1970-01-20 15:41:23	Name: _privy_C27276E9A39ACE9B437BA993 Value: %7B%22uuid%22%3A%2216173db6-7edc-46b4-bcb2-39e9037bf54f%22%7D
.empowher.com/	1970-01-20 16:31:47	Name: _ga Value: GA1.2.351501688.1666547594
.empowher.com/	1970-01-20 06:57:13	Name: _gid Value: GA1.2.1057808277.1666547594
.empowher.com/	1970-01-20 06:55:47	Name: _gat Value: 1
.media.net/	1970-01-20 15:41:23	Name: visitor-id Value: 3095491936830498000V10
.empowher.com/	1970-01-20 09:05:23	Name: _fbp Value: fb.1.1666547594541.466079308
.empowher.com/	1970-01-20 16:17:23	Name: __gads Value: ID=89a5584c32d4c0ec-22e8198f79d70095:T=1666547595:S=ALNI_MYLEsu3GCbOIQsftpb4_gdAfFtTVg
.empowher.com/	1970-01-20 16:17:23	Name: __gpi Value: UID=00000b6a6ed15cd7:T=1666547595:RT=1666547595:S=ALNI_Mb3BZ2DGzigkYwXGpTnuVbAXhTNkA
.postrelease.com/	1970-01-20 15:41:23	Name: visitor Value: f05d2652-e56c-49e4-979c-696213d5e214
.postrelease.com/	1970-01-20 15:41:23	Name: status Value: 0
.doubleclick.net/	1970-01-20 16:31:47	Name: IDE Value: AHWqTUnYiaVP8Q7XAL-hpQMbtWwjD2V2quFwSwg4XbFgarWONWSIN06UEmJQMi71nDU
.amazon-adsystem.com/	1970-01-20 12:57:13	Name: ad-id Value: A-MwYhRGH0uWrzyK_oUJVEE
.amazon-adsystem.com/	1970-01-20 16:31:47	Name: ad-privacy Value: 0
.openx.net/	1970-01-20 15:41:23	Name: i Value: 525ec158-9477-0bad-0e5b-3bdeb5213704\|1666547596
.openx.net/	1970-01-20 07:17:23	Name: pd Value: v2\|1666547597\|jElYiuvOhI
.adsrvr.org/	1970-01-20 15:41:23	Name: TDID Value: c4963f58-4c67-45bb-bcca-3f446d2c9cec
.turn.com/	1970-01-20 11:14:59	Name: uid Value: 2387188589106948273
.openx.net/	1970-01-20 07:17:23	Name: univ_id Value: 537072971\|c4963f58-4c67-45bb-bcca-3f446d2c9cec\|1666547597808583
.ladsp.com/	1970-01-20 06:55:51	Name: cr Value: 1
.gumgum.com/	1970-01-20 15:41:23	Name: cs Value: true
.socdm.com/	1970-01-20 16:31:47	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjY2NTQ3NTk3fQ
.ladsp.com/	1970-01-20 16:31:47	Name: smn_uid Value: T2nFST46xWRl7WU2L_YAlA7_4wiE9vo
.ladsp.com/	1970-01-20 16:31:47	Name: lum Value: CJGG6a_AMBIFCAMQ0AU
.rubiconproject.com/	1970-01-20 15:41:23	Name: khaos Value: L9LNESSA-A-M5BP
.adsrvr.org/	1970-01-20 15:41:23	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOqe7YKwypo7EAUYBSACKAIyCwigtqilxsqaOxAFOAE.
.yahoo.com/	1970-01-20 15:41:45	Name: A3 Value: d=AQABBI9_VWMCEBt_OymeujIiAvuXO4XsdBsFEgEBAQHRVmNfYwAAAAAA_eMAAA&S=AQAAAizV5qp7rmJWakuqBiBc1Jk
.rubiconproject.com/	1970-01-20 15:41:23	Name: audit Value: 1\|B8D+HHznqAMHqN6rPQya/HDz3qCQEhCuOU39sjJXIqOcmAZnLQTPdAoGMlpnIbn9Bt3JthgEC8EiZ07GJqnMno4BjqNRGrmz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f134eb73da58455e85f9ff8bcbc7196.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
aax-fe-sin.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
adservice.google.com
adservice.google.com.au
ajax.googleapis.com
api.privy.com
beacon-sin1.rubiconproject.com
beap-bc.yahoo.com
c.amazon-adsystem.com
cdn.js7k.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
contextual.media.net
cr-p3.ladsp.com
cs.nex8.net
eus.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
jadserve.postrelease.com
jp-u.openx.net
js.gumgum.com
m.addthis.com
match.adsrvr.org
ox-rtb-asia-southeast1.openx.net
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.zprk.io
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
px.ads.linkedin.com
rtb.openx.net
s.amazon-adsystem.com
s.ntv.io
s.yimg.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync.mathtag.com
ta0027.s3.ap-southeast-2.amazonaws.com
tag.marinsm.com
tg.socdm.com
token.rubiconproject.com
u.openx.net
us-u.openx.net
v1.addthisedge.com
widget.privy.com
www.empowher.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagservices.com
www.honcode.ch
z.moatads.com
cs.nex8.net
m.addthis.com
pagead2.googlesyndication.com
s.yimg.com
s7.addthis.com
v1.addthisedge.com
103.229.206.241
104.17.25.14
104.22.20.108
104.22.21.108
104.26.11.151
104.83.196.24
106.10.218.42
106.10.236.40
119.161.10.12
124.146.215.42
13.107.42.14
13.225.2.118
13.227.254.74
13.35.17.5
142.250.4.154
142.250.4.155
142.250.4.95
142.251.10.102
142.251.10.156
142.251.10.157
142.251.10.94
151.101.192.65
157.240.13.19
157.240.235.35
172.217.194.104
172.217.194.95
195.70.1.181
202.131.200.84
23.52.112.115
23.72.45.156
23.72.45.55
23.9.185.218
3.33.220.150
34.96.111.110
35.227.252.103
35.244.159.8
50.116.239.135
52.119.187.0
52.193.163.182
52.46.155.104
52.77.4.205
52.84.251.95
52.95.126.138
52.95.131.38
54.241.194.120
54.255.143.58
69.173.151.100
69.173.158.64
69.173.158.67
72.247.127.224
74.125.24.132
74.125.24.154
00b0bb16de8eae437365efd3da79ec0a5dd7bc7314351d5d440b409be1b87fb0
01c99f21455c85f6e0f9132807541d12dd2d41536fbd0a8f20637bb82a36f0a4
040e9d6cda6133b046fb4b968791eec070a090b64c2b268a497b9e2e5eb03740
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05824f0dc408385982fa56c09812fc3aa5f13f2f734fc99decfe956a88498dde
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
085775193a3438660321ef433979fcf52fafcd58fb1d2bd8cec61b0503380111
0aedcd5a6cd7dd971d727a6e234a77d2ece5fd329be114eadc3d93d9465e96cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e069aab9c03d3eba35a1e4e15b2e033b73503e011b5dff0540ea04e77022d80
1159500ec113a58c8e68c1889b0d7a4bf551f10c01173442dc90b72c562ccfe6
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8
14a2c91fb720c33b46379b2318e70c953933042617d4360726ddd83386b599d1
174521645b2f535c99f2e1c681ac39a149510e3920b16c9370e407b923601300
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1c7adf907fdaeb92e7323570e9600071f5cc36b8c11372e0516acb4ce3edf7d3
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
29ce4d077043eb550f778602c3a213aa6e413823b5fe6cc30c4c7928b23694a2
3055597f43adef2648996efac659bd63f616b0d1937f6e774ae3ac8fe35fb195
3105e6bbf8092f88e7b1b13b3597c9d3915c6670117714280a96ee50da8fec03
37c3974fe9fcf3d844b0560a439e6fdad6118dd7a25c418c6a59a991beba3e97
3d4ee981afa9fff8433c869d26d5d889d5e54336bbcba0cf02932b8b80160001
3d553f17fdfd8d3a2dd97c541ac3ad2a4a6dcf505305037b8d7d78790cf085b4
3e15633a3d6daa4e87c450b066f5d72a09f843f2059b1430a08a94a886d8d741
3e628fd05bb45972a7eda13d94f633c46a08e2a1cc949bf2f18c6544f74db134
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
4186b16ec0a11311f90a6a972532452398b44c87ea599b434b8e662ad5c01057
44d72b2a243cac67ff4b1c1a86da71e3d392ee998a98ba2b70b1c3789351804d
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4635a4a86c801f09194a1bf5ba3c46ec1eabd966dfd8a19f460fdb37300a6564
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ef4b934d344f017714a7b8f3026e57d636636f882b9bc6cef2aec7b83f2487
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc4050385b003f8d7a6f5ed9bf0b6c1d2e4b2bdaea8fdc5ffabe312135e4477
53649d3c20f6a27387663fddc70fff4333dfd34918b7c24b1cb2d211244cba72
5ade699031aded0d2243454e2d3fe0e371938e25cd7e87e0b8486e6f8a457a39
5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0
5ef6285bdae45fa27d9cb8f00ca85b4f8d5721cb87241923b8dfce7a4739083a
629019c3f248473efe64d5fdbf31209d07d997a5269b16c5e4baeeccbffe6ecf
62c53d8848db5c8251b277e9335e317af46c20f9599b69799256d81b4b3a67b1
62e127b1ca9a253499e0ae40a6d473a91b7e679dec727251d62c287d0a86606d
646a64f97e7ca5c37c5f9f6c0d910117a3ece78225aed53e0a5806caed884c78
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6daa800a9f14a171bce9bb9cf2b244578a4db4866048c79033b2cb66657ccef3
701d38f6b8d480f286b457439a8bdb3ce29c5d913c680429754efdb4f8a9562d
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d3b7e88b3c83dd902ced3b8daaa79f99eec78ccd9002f6b312b65d5aef381f1
825bcade67052cde99899ccc90782226d1c1baab39244f26884dae084e7fc021
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8714be2a868cfbf4f205f3d01f6ee6e1da9ae2babd4f23cf31c7d87bfc6d09cf
88b7bffe1d13b4c3553ff50398b30638f19b69965a4c56cb92aef1866352d09c
89a28fb60cbbf25fd7f1f8954ea448fc92188d83a49b1085a2af13e4f19717f8
8a57b79b77e9b4a9f191413e2e4582b3b09b95f40a7a7f360234d9c7c5103eba
8a8f90024e627e1f88232bdb7f177e632cc0086bf8988f51828c048547e8233c
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
940bba0dac8a86b8637cb6a0a7536c79e16b45484e8b010ee934e0b03a8327d1
9a5b84b047c9cc91ed81c5a043634d21df2a87dbb0cac52fa8b972206c8b54f2
9def4d10c09ec3a4f91bff6bf44a83a1ecc4410ac78d84a50053fb22c35697f5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a42cb1511e0ecf1b9267ae0c7c447b61b39bbbeabff381358b75fc664e0af969
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a597cd612de032ce869270484a423e5ce3cb67f0d1bcc295af6b792787242f63
a6cd42dc30d979bbd002c528b0615c835525058e820fdc3595194af64c157d4f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa51374fc66fe96f9ce5de40c2ecb6915ed2f433b17ac34e2e0a9ed7beecbd01
aac2522d7d4debe282b3deeed6f22a080410ff825829ad6c6fe692ef009b4cc2
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b8e2692e2e414ade41180a29a51e87fba6c8a06a03f849d0b5840e57f4586931
c0ab4d6f0d376f206927168dcae1f6ede1bd61777ca7b7caa80e89f016ce17ae
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5bf8156fb0839656e2c5e95f87e0e2d70674ee2c2ba809886161daf6614dca6
cdaac4172371a0d13c66325be74f92f4cb23575f7f8a2781d1d74323f926c720
d29d000556b37c68c8a38e57ee0b4838d6bc7d2fa656c54dedf5f4ee9b6b005d
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
db06c35e3e67606869e26a7ea5a3739f25eef9d87a6877d5193cf8c20704eb08
dfe4d56a7fc93e6699273e82312b3936906a121bf2f97a43380a153c31a00892
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e853f4a567f05b6bbb685f49dd1de673ae348efa5a328ee82ac83fc0fc3c8354
eb4c26248b227477ac86e55431f1478db8a2bab39352585519b9c7e08d88d4a5
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83
f76d8f1b667390be2a1859c9fa5ea8f6d97539f295e1c2448a6bea2f694a92d5
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
f921604918685b78e5110b340d4a87ed4031afb73620d063982ff83990f01f57
f9dea05d028fcf02fbb9121411d6c8e86655469ad671feb0716d0846f0f66e0d
fa5278204f6f231236aa7c4734f6a380f4fce3636b8ac041d7aac61b742fc07b

www.empowher.com Open in urlscan Pro 104.26.11.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

87 %HTTPS

0 %IPv6

38 Domains

62 Subdomains

47 IPs

5 Countries

2198 kBTransfer

6110 kBSize

30 Cookies

4 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.empowher.com Open in urlscan Pro
104.26.11.151 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

87 %
HTTPS

0 %
IPv6

38
Domains

62
Subdomains

47
IPs

5
Countries

2198 kB
Transfer

6110 kB
Size

30
Cookies

174 HTTP transactions
4 data transactions