load.mrviral.co Open in urlscan Pro
108.61.209.214  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://officecdn.microsofct.com/ Page URL
2. https://track.vcdc.com/?mid=108&f=108&domain=microsofct.com Page URL
3. https://track.vcdc.com/go.php?mid=108&f=108&domain=microsofct.com&ref=https://officecdn.microsofct.com/ Page URL
4. https://track.traffic.club/helper/forward.php?target=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw==&hash=903cf4fbd5c3339eaea4ba1047d8a551 Page URL
5. https://track.traffic.club/helper/forward.php Page URL
6. https://sylverlight.net/?action=redirect&target=aHR0cDovLzA0MTAyLmRl&hash=b92b58625be5c8295be90dd24ab4c2ac Page URL
7. http://04102.de/ Page URL
8. https://mixupdef.com/i/9135?nsid={pubid}&partner_subid={click_id} Page URL
9. https://mixupdef.com/d/9135/1609320303106189-ZVQQbg?nsid={pubid}&partner_subid={click_id} HTTP 302
   https://misctraff.com/l/26997435f4616f161c90?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 HTTP 302
   https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 Page URL
   
10. https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684&code=1bY3VvBDU7NkA7Ozo.PEBDQEYRhYV3Fn.GGI9-cgI0OQRuamgJOjsLfHmCEFx6gIiMNY5PTnhQNAF2ZmwGBnB-CjtBPD0OeHgSQ0VERRZ4jxpLNjEyA2VtBzg6OToLgIcPPEZBEnWJfnoYGHyFZQIzA2dwaQg4CXl9eoEPD4Z-dhRbhIV.hH46SW9lMQRteW1rCn59gXIOdYJ.E3l1gYl8GI57AU5xfW1xcmg3Pjg7LDVbcHN6gIeDiH5SOGKIdGZuI1FmaSdXXCpjLD4.bkFFcUg9NVeHiIV-V2ZkTm15NTw7QDg.Qi02WlhlX19ANYKAg346R2ZlbnMuJkpwe3l4cTxGQj5BQEdFRUlFTko6U2JoZHZuNTw7QDg.Qg1vhRFJEneBFk4XeU1NATEyNDQ1NgdpPT4MPD0OgnYSQkNERRZ9fhpKMTECZmxpBzcIb3aBDXNve4N2EnZ8ghdISUoabG9pBDU1NjcIfH59cw4-QEFCQ0REFYWKe4mPAQFydWh4e2kJOzo7Pz0-P0cRd4mAgxdKSxmMZWcDA3ZnaWoJOjo9QT4-REMRdYGIhRcXj4eHAQF5anB7BzcIbG5yDT4-QEFCQ0RFRUZHSUpLMTEzNDU2Nzg5Ojs8PT4-QEFCQkRFRkdISUpLMTIzMzU2Nzg5Ojs8PT4-QEFCQ0RFRUcXe4KPATIzNDU2Nzg5Ojs8PT4.QEFBQ0NFRkdISRmRdXUDejI1QX42YkBhYkiFPYJFgIGCg1GORoVObm9wcT98NHs.fkWCOlJZfEhnEn6Ag30YfYdHVVQCdXh5BzcIdWt6DQ12e4MSQhOCiRdISUlLMTIyNDQFfWsJOjs8bj8OcoKJExOHeHoYSk0ac3FmBDY5Bmt4ews8DHtxcxFKQEwUgoqHGUpP&_tdf=12 HTTP 302
    https://trk9.nundori.xyz/gw.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true Page URL
    
11. https://tiktok-labs.com/gw.php?campaign_id=15_b_384142_b_122223_b_DE HTTP 302
    https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Page URL
    

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

• https://mixupdef.com/d/9135/1609320303106189-ZVQQbg?nsid={pubid}&partner_subid={click_id} HTTP 302
• https://misctraff.com/l/26997435f4616f161c90?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 HTTP 302
• https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684

Request Chain 13

• https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684&code=1bY3VvBDU7NkA7Ozo.PEBDQEYRhYV3Fn.GGI9-cgI0OQRuamgJOjsLfHmCEFx6gIiMNY5PTnhQNAF2ZmwGBnB-CjtBPD0OeHgSQ0VERRZ4jxpLNjEyA2VtBzg6OToLgIcPPEZBEnWJfnoYGHyFZQIzA2dwaQg4CXl9eoEPD4Z-dhRbhIV.hH46SW9lMQRteW1rCn59gXIOdYJ.E3l1gYl8GI57AU5xfW1xcmg3Pjg7LDVbcHN6gIeDiH5SOGKIdGZuI1FmaSdXXCpjLD4.bkFFcUg9NVeHiIV-V2ZkTm15NTw7QDg.Qi02WlhlX19ANYKAg346R2ZlbnMuJkpwe3l4cTxGQj5BQEdFRUlFTko6U2JoZHZuNTw7QDg.Qg1vhRFJEneBFk4XeU1NATEyNDQ1NgdpPT4MPD0OgnYSQkNERRZ9fhpKMTECZmxpBzcIb3aBDXNve4N2EnZ8ghdISUoabG9pBDU1NjcIfH59cw4-QEFCQ0REFYWKe4mPAQFydWh4e2kJOzo7Pz0-P0cRd4mAgxdKSxmMZWcDA3ZnaWoJOjo9QT4-REMRdYGIhRcXj4eHAQF5anB7BzcIbG5yDT4-QEFCQ0RFRUZHSUpLMTEzNDU2Nzg5Ojs8PT4-QEFCQkRFRkdISUpLMTIzMzU2Nzg5Ojs8PT4-QEFCQ0RFRUcXe4KPATIzNDU2Nzg5Ojs8PT4.QEFBQ0NFRkdISRmRdXUDejI1QX42YkBhYkiFPYJFgIGCg1GORoVObm9wcT98NHs.fkWCOlJZfEhnEn6Ag30YfYdHVVQCdXh5BzcIdWt6DQ12e4MSQhOCiRdISUlLMTIyNDQFfWsJOjs8bj8OcoKJExOHeHoYSk0ac3FmBDY5Bmt4ews8DHtxcxFKQEwUgoqHGUpP&_tdf=12 HTTP 302
• https://trk9.nundori.xyz/gw.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true

Request Chain 59

• https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2500372977609723&output=html&h=250&slotname=PA_GR_OptimaNetwork%2Fmrviral.co%2F20428196_mrviral.co_ros_300x250&adk=1519538317&adf=287865396&pi=t.ma~as.PA_GR_OptimaNetwork_&w=300&url=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609320304516&bpp=6&bdt=332&idt=60&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&correlator=1193438672790&frm=23&ife=1&pv=2&ga_vid=486271191.1609320304&ga_sid=1609320305&ga_hid=2087485014&ga_fc=1&nhd=1&u_tz=60&u_his=11&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1472&biw=1600&bih=1200&isw=300&ish=250&ifk=1728355919&scr_x=0&scr_y=0&eid=21066922%2C21067981%2C21068945%2C21069711&oid=3&pvsid=3080315123758359&pem=499&ref=https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.btufwhsqklhn&btvi=1&fsb=1&dtd=75 HTTP 302
• https://projectagoralibs.com/libs/adtag_blank.html

Request Chain 64

• https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2500372977609723&output=html&h=250&slotname=PA_GR_OptimaNetwork%2Fmrviral.co%2F20428196_mrviral.co_ros_300x250&adk=1519538317&adf=287865397&pi=t.ma~as.PA_GR_OptimaNetwork_&w=300&url=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609320304490&bpp=19&bdt=287&idt=111&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&correlator=1193438672790&frm=23&ife=1&pv=1&ga_vid=486271191.1609320304&ga_sid=1609320305&ga_hid=994373672&ga_fc=1&nhd=1&u_tz=60&u_his=11&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=20&ady=1915&biw=1600&bih=1200&isw=300&ish=250&ifk=1728355919&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=298426612309767&pem=499&ref=https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.si157y9jxg02&btvi=1&fsb=1&dtd=116 HTTP 302
• https://projectagoralibs.com/libs/adtag_blank.html

Request Chain 73

• https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
• https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b HTTP 302
• https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-4e1f-9057-7abc7a74351b&isDirect=0

Request Chain 75

• https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
• https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mnYdJD1dQu1F&ev=1&orig=trc&pid=562107

Request Chain 77

• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
• https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBarg1MvvdKUPqLCyQuTnQI&google_cver=1

Request Chain 79

• https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1

Request Chain 80

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a

Request Chain 81

• https://ce.lijit.com/merge?pid=42&3pid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=42&3pid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 83

• https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 HTTP 302
• https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 87

• https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
• https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4

Request Chain 88

• https://id5-sync.com/s/464/9.gif?puid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/464/464/7/1.gif?puid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&gdpr=1&gdpr_consent= HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOUoH7BLRYgX9R7Jodgeh2411NWWiy6S2ChBcdEQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOUoH7BLRYgX9R7Jodgeh2411NWWiy6S2ChBcdEQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/cq/464/124/6/2.gif?puid=79818121-23ba-4fee-97c1-a1634c4b68fc&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/19/5/3.gif?puid=24e096171ea768cbe2c0565ee776b15b&gdpr=1&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/101/4/4.gif?puid=2f41b7de-2d09-41bc-9743-db35e06a09d7&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/108/3/5.gif?puid=e7332499-4a80-11eb-8a81-ba8f63c18f37&gdpr=1&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/112/2/6.gif?puid=7B19D3F24201C154&gdpr=1&gdpr_consent= HTTP 302
• https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
• https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/146/1/7.gif?puid=d403cea4-8aae-4016-ad6d-4dc542edcf09&gdpr=1&gdpr_consent=

Request Chain 89

• https://s.c.appier.net/taboola HTTP 302
• https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nwzW5VQcBla7PmMNcUfsXw

Request Chain 92

• https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
• https://x.bidswitch.net/sync?dsp_id=188&user_id=IbWDLNq7Rsdg2EMd0Ug6J7nUq0M&user_group=1&ssp=taboola HTTP 302
• https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a

Request Chain 99

• https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
• https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b HTTP 302
• https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-4e1f-9057-7abc7a74351b&isDirect=0

Request Chain 101

• https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
• https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=XtJY8eV0v01i&ev=1&orig=trc&pid=562107

Request Chain 103

• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
• https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAo6u0jhDXmflbYNUB3Hm_8&google_cver=1

Request Chain 104

• https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1

Request Chain 105

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a

Request Chain 107

• https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
• https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4

Request Chain 108

• https://s.c.appier.net/taboola HTTP 302
• https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YPxWF5kUAIa--PNkcUfsXw

Request Chain 110

• https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=996116dc-5a99-4717-abb8-b1e62393392a HTTP 302
• https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&ssp=taboola HTTP 302
• https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a

Request Chain 115

• https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1 HTTP 302
• https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 118

• https://id5-sync.com/s/464/9.gif?puid=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/6/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/19/6/2.gif?puid=24e096171ea768cbe2c0565ee776b15b&gdpr=1&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/101/5/3.gif?puid=e5f4dd07-e295-46fb-8a9e-5c41b0a3810c&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/108/4/4.gif?puid=e7332499-4a80-11eb-8a81-ba8f63c18f37&gdpr=1&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/112/3/5.gif?puid=7B19D3F24201C154&gdpr=1&gdpr_consent= HTTP 302
• https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
• https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/464/146/2/6.gif?puid=d403cea4-8aae-4016-ad6d-4dc542edcf09&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7.gif%3Fpuid%3D%24%7Bbase64_profileid%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjRlMDk2MTcxZWE3NjhjYmUyYzA1NjVlZTc3NmIxNWI&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=MjRlMDk2MTcxZWE3NjhjYmUyYzA1NjVlZTc3NmIxNWI&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/398/1/7.gif?puid=MjRlMDk2MTcxZWE3NjhjYmUyYzA1NjVlZTc3NmIxNWI&gdpr=1&gdpr_consent= HTTP 302
• https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/441/0/8.gif?puid=e_03da0e45-d618-43d8-92a1-3ae3b95e2da2&gdpr=1&gdpr_consent=

Request Chain 141

• https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJubmy_o-reSYNEjCHaPbu4&google_cver=1

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response officecdn.microsofct.com/	2 KB 2 KB	173ms 52ms	Document text/html	159.69.83.207 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.83.207 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.207.83.69.159.clients.your-server.de Software openresty / Resource Hash f4c4b9398137a38bf1b03457f39ba634e83ed0f08a61b4b18ef3bb6aa2b75694 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority officecdn.microsofct.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server openresty date Wed, 30 Dec 2020 09:20:24 GMT content-type text/html; charset=utf8 set-cookie ndsp=eyJkb21haW5OYW1lIjoibWljcm9zb2ZjdC5jb20iLCJtZW1iZXIiOiIxMSIsInRlbXBsYXRlIjoic3BsaXR0ZXIiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhXC81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvODMuMC40MTAzLjYxIFNhZmFyaVwvNTM3LjM2Iiwic2Vzc2lvbiI6IjZmYzEyMTE3MzZkNGJkZWM3ZTY2ZGIyMGY2ZjY4Zjk5IiwidGltZV9pbml0IjoxNjA5MzIwMDI0fQ%3D%3D; expires=Wed, 30-Dec-2020 22:59:59 GMT; Max-Age=49175; path=/ x-content-type-options nosniff x-xss-protection 1; mode=block content-encoding gzip
GET H2	200	banner_ads.js Show response officecdn.microsofct.com/	111 B 326 B	26ms 26ms	Script application/javascript	159.69.83.207 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://officecdn.microsofct.com/banner_ads.js Requested by Host: officecdn.microsofct.com URL: https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.83.207 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.207.83.69.159.clients.your-server.de Software openresty / Resource Hash 4aa355b64f75bc8293836eb2ca7ff4a0d7230f361c2e9b1b2d7394ac7c540f90 Request headers Referer https://officecdn.microsofct.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Wed, 30 Dec 2020 09:20:24 GMT last-modified Thu, 26 Sep 2019 08:13:05 GMT server openresty etag "5d8c7311-6f" content-type application/javascript cache-control max-age=2592000, public accept-ranges bytes content-length 111 expires Fri, 29 Jan 2021 09:20:24 GMT
GET H2	200	analytics.js www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: officecdn.microsofct.com URL: https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://officecdn.microsofct.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 5667 date Wed, 30 Dec 2020 07:50:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Wed, 30 Dec 2020 09:50:34 GMT
GET H2	200	/ track.vcdc.com/	737 B 610 B	79ms 25ms	Document text/html	94.130.185.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://track.vcdc.com/?mid=108&f=108&domain=microsofct.com Requested by Host: officecdn.microsofct.com URL: https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.185.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.237.185.130.94.clients.your-server.de Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority track.vcdc.com :scheme https :path /?mid=108&f=108&domain=microsofct.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://officecdn.microsofct.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://officecdn.microsofct.com/ Response headers server nginx date Wed, 30 Dec 2020 09:25:01 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block content-encoding gzip
POST H3-Q050	200	collect www.google-analytics.com/j/	2 B 131 B	45ms 12ms	XHR text/plain	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=716468309&t=event&ni=1&_s=1&dl=https%3A%2F%2Fofficecdn.microsofct.com%2F&ul=en-us&de=UTF-8&dt=microsofct.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blocking%20Ads&ea=No&_u=YEBAAEABAAAAAC~&jid=17047442&gjid=1862893705&cid=1744425099.1609320302&tid=UA-43967021-7&_gid=1743504350.1609320302&_r=1&_slc=1&cd1=splitter&cd2=11&cd3=yes&z=269076844 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://officecdn.microsofct.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://officecdn.microsofct.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 384 B	31ms 19ms	Image image/gif	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=716468309&t=pageview&_s=2&dl=https%3A%2F%2Fofficecdn.microsofct.com%2F&ul=en-us&de=UTF-8&dt=microsofct.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1744425099.1609320302&tid=UA-43967021-7&_gid=1743504350.1609320302&cd1=splitter&cd2=11&cd3=yes&z=1774478102 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://officecdn.microsofct.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 29 Dec 2020 13:22:36 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72145 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	go.php Show response track.vcdc.com/	694 B 773 B	497ms 496ms	Document text/html	94.130.185.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://track.vcdc.com/go.php?mid=108&f=108&domain=microsofct.com&ref=https://officecdn.microsofct.com/ Requested by Host: track.vcdc.com URL: https://track.vcdc.com/?mid=108&f=108&domain=microsofct.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.130.185.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.237.185.130.94.clients.your-server.de Software nginx / Resource Hash 738e3eee516a95feab5b24eb76dba0f8da5fcef43b93980d1548d6339b26b065 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority track.vcdc.com :scheme https :path /go.php?mid=108&f=108&domain=microsofct.com&ref=https://officecdn.microsofct.com/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://track.vcdc.com/?mid=108&f=108&domain=microsofct.com accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://track.vcdc.com/?mid=108&f=108&domain=microsofct.com Response headers server nginx date Wed, 30 Dec 2020 09:25:02 GMT content-type text/html; charset=utf-8 vary Accept-Encoding set-cookie XID=mc71837ctjs728rta92voqa5ai; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-content-type-options nosniff x-xss-protection 1; mode=block content-encoding gzip
GET H/1.1	200 OK	Cookie set forward.php Show response track.traffic.club/helper/	129 B 608 B	120ms 27ms	Document text/html	144.76.1.130 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://track.traffic.club/helper/forward.php?target=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw==&hash=903cf4fbd5c3339eaea4ba1047d8a551 Requested by Host: track.vcdc.com URL: https://track.vcdc.com/go.php?mid=108&f=108&domain=microsofct.com&ref=https://officecdn.microsofct.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.76.1.130 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.130.1.76.144.clients.your-server.de Software nginx / PHP/5.3.10-1ubuntu3.24 Resource Hash 2f2792a94fdf35b39240ed6e151dd7e1ced76fdc0ae49f6957db59666fd79a66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host track.traffic.club Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://track.vcdc.com/go.php?mid=108&f=108&domain=microsofct.com&ref=https://officecdn.microsofct.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://track.vcdc.com/go.php?mid=108&f=108&domain=microsofct.com&ref=https://officecdn.microsofct.com/ Response headers Server nginx Date Wed, 30 Dec 2020 09:25:02 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.3.10-1ubuntu3.24 Set-Cookie kkl6hi=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw%3D%3D; expires=Wed, 30-Dec-2020 09:25:12 GMT X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Encoding gzip
GET H/1.1	200 OK	Cookie set forward.php Show response track.traffic.club/helper/	216 B 604 B	28ms 27ms	Document text/html	144.76.1.130 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://track.traffic.club/helper/forward.php Requested by Host: track.traffic.club URL: https://track.traffic.club/helper/forward.php?target=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw==&hash=903cf4fbd5c3339eaea4ba1047d8a551 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.76.1.130 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.130.1.76.144.clients.your-server.de Software nginx / PHP/5.3.10-1ubuntu3.24 Resource Hash 4cd7760754903cfab8ef7074e9f38cc5d0dfff4bf2f64eb6e10d64362a7e16ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host track.traffic.club Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://track.traffic.club/helper/forward.php?target=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw==&hash=903cf4fbd5c3339eaea4ba1047d8a551 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie kkl6hi=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw%3D%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://track.traffic.club/helper/forward.php?target=aHR0cHM6Ly9zeWx2ZXJsaWdodC5uZXQvP2FjdGlvbj1yZWRpcmVjdCZ0YXJnZXQ9YUhSMGNEb3ZMekEwTVRBeUxtUmwmaGFzaD1iOTJiNTg2MjViZTVjODI5NWJlOTBkZDI0YWI0YzJhYw==&hash=903cf4fbd5c3339eaea4ba1047d8a551 Response headers Server nginx Date Wed, 30 Dec 2020 09:25:02 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.3.10-1ubuntu3.24 Set-Cookie kkl6hi=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT tc_rvs=1; expires=Wed, 30-Dec-2020 09:25:05 GMT X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block Content-Encoding gzip
GET H2	200	/ Show response sylverlight.net/	827 B 449 B	115ms 27ms	Document text/html	78.46.155.196 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sylverlight.net/?action=redirect&target=aHR0cDovLzA0MTAyLmRl&hash=b92b58625be5c8295be90dd24ab4c2ac Requested by Host: track.traffic.club URL: https://track.traffic.club/helper/forward.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS dedi3962.your-server.de Software Apache / Resource Hash 648942eab06317a7a3a48c179da43fc141c6a4daac5ce1341410e69999e7b024 Request headers :method GET :authority sylverlight.net :scheme https :path /?action=redirect&target=aHR0cDovLzA0MTAyLmRl&hash=b92b58625be5c8295be90dd24ab4c2ac pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://track.traffic.club/helper/forward.php accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://track.traffic.club/helper/forward.php Response headers date Wed, 30 Dec 2020 09:25:02 GMT server Apache referrer-policy no-referrer x-mod-pagespeed 1.13.35.2-0 vary Accept-Encoding content-encoding gzip cache-control max-age=0, no-cache, s-maxage=10 content-length 284 content-type text/html;charset=utf-8
GET H/1.1	200 OK	Cookie set / Show response 04102.de/	517 B 840 B	76ms 55ms	Document text/html	78.46.155.196 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://04102.de/ Protocol HTTP/1.1 Server 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS dedi3962.your-server.de Software Apache / Resource Hash 539ced6b36ce26289f22ec1d399a020a696921bc00aed30a9d7280e9e20dd45e Request headers Host 04102.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:02 GMT Server Apache Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip Vary Accept-Encoding Set-Cookie XID=1f06e007815f1adc6fcf0c16d2b46189; path=/ Upgrade h2c Connection Upgrade, Keep-Alive Keep-Alive timeout=15, max=100 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	9135 Show response mixupdef.com/i/	15 KB 3 KB	383ms 126ms	Document text/html	204.155.145.103 WZCOM-
General Check archive.org Show headers Download Go to Full URL https://mixupdef.com/i/9135?nsid={pubid}&partner_subid={click_id} Requested by Host: 04102.de URL: http://04102.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.155.145.103 Dallas, United States, ASN40824 (WZCOM-, US), Reverse DNS proven.masterliberty.com Software nginx-more / Resource Hash 98daf9d3689c48de75788613298e07471b7891b91e5f83133aa30b64f64b3566 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Host mixupdef.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://04102.de/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://04102.de/ Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Type text/html; charset=utf8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Server nginx-more Strict-Transport-Security max-age=15768000 Content-Encoding br
GET H2	200	26997435f4616f161c90.js Show response trk9.nundori.xyz/l/ Redirect Chain https://mixupdef.com/d/9135/1609320303106189-ZVQQbg?nsid={pubid}&partner_subid={click_id} https://misctraff.com/l/26997435f4616f161c90?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684	36 KB 12 KB	46ms 28ms	Document text/html	2606:4700:e2::ac40:8d1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8d1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a Request headers :method GET :authority trk9.nundori.xyz :scheme https :path /l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 Origin null Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:03 GMT content-type text/html set-cookie __cfduid=d9d9de22bd16110de5e82a890576f83c61609320303; expires=Fri, 29-Jan-21 09:25:03 GMT; path=/; domain=.nundori.xyz; HttpOnly; SameSite=Lax last-modified Thu, 15 Oct 2020 14:13:33 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status HIT age 5022 cf-request-id 0754902373000064a99688d000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7AGSUDOlZhX7ALPmazpRGQryQCaF09Hzgg0mc5fS4zj3L%2FyTRrt%2BhZI12n0z3Lss%2FYO5BwrfYy8Y0AtDOo6X7tDSx3%2B2LUINSBQcqJeelJhW1Mg6YZ8lNj%2BM6hqQ"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 609ab618bb2064a9-FRA content-encoding br Redirect headers date Wed, 30 Dec 2020 09:25:03 GMT cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT location https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 cf-request-id 075490234900002b1e372f7000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6aSMfQ3myRZ1S1F2EbKoHYxaC70byAp38Du9A7WgLVJzqLq8vOIQxs%2FjPCWyR96hLuG5qcmNVxxQWOxc4%2FOfxQrxRkIJuHENxbDbS3e0jgUSuK8UwSC7XeYV"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 609ab6187ec62b1e-FRA
GET H2	200	gw.js trk9.nundori.xyz/ Redirect Chain https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684&code=1bY3VvBDU7NkA7Ozo.P... https://trk9.nundori.xyz/gw.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmco...	1 KB 916 B	12ms 12ms	Document text/html	2606:4700:e2::ac40:8d1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk9.nundori.xyz/gw.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true Requested by Host: officecdn.microsofct.com URL: https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8d1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority trk9.nundori.xyz :scheme https :path /gw.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=d9d9de22bd16110de5e82a890576f83c61609320303; BSESSID=trk2e1f9723-cfac-4233-b4c9-c04e73e8c035 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://trk9.nundori.xyz/l/26997435f4616f161c90.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ==_7497_9135&isubid=1609320303106189-ZVQQbg-9135-12684&icid=12684 Response headers date Wed, 30 Dec 2020 09:25:03 GMT content-type text/html last-modified Thu, 04 Jul 2019 15:58:34 GMT expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000 cf-cache-status HIT age 5077 cf-request-id 07549023d5000064a982b4d000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GUQwTS%2B%2FR2AwuNPCBbNQ3p%2Fwf4zRAiYyUqs6vUSS3kJLVNekWnExRiKm6gxbhTAXBnXDAgUbSCFMpJ%2FGyF8uLSON%2BYZfPUrOVFqQI246fJ93u3HLvefP%2FDCwZhAv"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 609ab6195b3b64a9-FRA content-encoding br Redirect headers date Wed, 30 Dec 2020 09:25:03 GMT location https://trk9.nundori.xyz/gw.js?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true cache-control private, max-age=0, no-cache, no-store, must-revalidate pragma no-cache set-cookie BSESSID=trk2e1f9723-cfac-4233-b4c9-c04e73e8c035; Max-Age=63072000; Expires=Fri, 30 Dec 2022 09:25:03 GMT; Path=/ cf-cache-status DYNAMIC cf-request-id 07549023ad000064a9a31ca000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EzrWFR7MCA2F8mg04fGZbRM%2BTG%2B907IDdenLmQW5x9Vhh2pd0JUwuErDvxouRwDOdF3pdqVZ%2FEwA8OK7%2BHz7FUg04PJnUradhfWtBLMYOHlpy%2FTxZsFVUi%2FSZmk6"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 609ab6191b2e64a9-FRA
GET H/1.1	200 OK	Primary Request worst-diet-mistakes-1.html Show response load.mrviral.co/v2/v2/ Redirect Chain https://tiktok-labs.com/gw.php?campaign_id=15_b_384142_b_122223_b_DE https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html	6 KB 3 KB	148ms 26ms	Document text/html	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Requested by Host: trk9.nundori.xyz URL: https://trk9.nundori.xyz/l/26997435f4616f161c90?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 6e70fc062575444423dee9d17df4c25fa16b4051e87273bfa6fb091f708372ff Request headers Host load.mrviral.co Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://trk9.nundori.xyz/l/26997435f4616f161c90?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://trk9.nundori.xyz/l/26997435f4616f161c90?sub=1609320303106189-ZVQQbg-9135-12684&source=e3B1YmlkfQ%3D%3D_7497_9135&url=https%3A%2F%2Ftiktok-labs.com%2Fgw.php%3Fcampaign_id%3D15_b_384142_b_122223_b_DE&vId=bmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e&hash=26997435f4616f161c90&ete=true Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Server Apache/2.4.18 (Ubuntu) Last-Modified Wed, 09 Dec 2020 14:49:19 GMT ETag "1657-5b6092a074180-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 2330 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html Redirect headers date Wed, 30 Dec 2020 09:25:03 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d30c4f09b7f7ef5856ea6b4fbc33b18c81609320303; expires=Fri, 29-Jan-21 09:25:03 GMT; path=/; domain=.tiktok-labs.com; HttpOnly; SameSite=Lax x-powered-by PHP/7.3.10 location https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html cf-cache-status BYPASS cf-request-id 075490241700000c019ea31000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O7r7uTtG4Aoi2X2jMX1eVb3rBr%2FupRtO8MO9jjXj4xQPRJwti%2FFnjzXs66%2BJI%2B3hT9pKjrxe05AIHyBJHiBWa0ncBJcxXgkEC4aF8nR%2Bj88%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 609ab619bb920c01-AMS
GET H/1.1	200 OK	style.css load.mrviral.co/v2/v2/assets/css/	44 KB 8 KB	28ms 27ms	Stylesheet text/css	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/css/style.css Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 5c2322afa9af0f50c085db89af0264ced44ed068e84781df8e377bb91648f8d2 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:47 GMT Server Apache/2.4.18 (Ubuntu) ETag "b05c-5b607b09d030a-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7586
GET H2	200	cookiebar-latest.min.js Show response cdn.jsdelivr.net/npm/cookie-bar/	6 KB 2 KB	20ms 6ms	Script application/javascript	2a04:4e42:3::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1&showNoConsent=1&noConfirm=1 Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 74d5ee55409ae0b47cba969fc135806f74819622cfc6d81b8cd50eb222896e6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 25096 x-cache HIT cross-origin-resource-policy cross-origin content-length 2059 etag W/"1676-cN80HtB1Xt7SBWpg+ji2RMK0Mdk" x-served-by cache-fra19180-FRA date Wed, 30 Dec 2020 09:25:03 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	20ms 18ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-56157376-1 Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash abc60102c860f3d074e0d5fc60b2de315955edd0ee92b4b2de96b059f7d86fe8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:03 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38976 x-xss-protection 0 last-modified Wed, 30 Dec 2020 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 30 Dec 2020 09:25:03 GMT
GET H2	200	/ Show response bidswitads.com/	26 KB 9 KB	353ms 114ms	Script application/javascript	3.140.64.241 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bidswitads.com/?uid=5d24cd5b95fb7a0012ef7512&w=300&h=250&click= Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.140.64.241 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-140-64-241.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Express Resource Hash ef783a1c202fce64eae77703e2b0c5602a6d9a6406780050bccbf33a5868e6f6 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip server nginx/1.16.1 x-powered-by Express content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept expires -1
GET H/1.1	200 OK	avatar2.jpg load.mrviral.co/v2/v2/assets/img/sample/	5 KB 6 KB	86ms 30ms	Image image/jpeg	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://load.mrviral.co/v2/v2/assets/img/sample/avatar2.jpg Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 9d14216bd0e6075f5d4e159b4b08354d214ebfda15d4e917c2dc320d09acc1a1 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:04 GMT Last-Modified Wed, 09 Dec 2020 13:03:52 GMT Server Apache/2.4.18 (Ubuntu) ETag "15ad-5b607b0e44d13" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 5549
GET H/1.1	200 OK	photo%204.png load.mrviral.co/v2/v2/assets/img/sample/	881 KB 882 KB	54ms 27ms	Image image/png	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://load.mrviral.co/v2/v2/assets/img/sample/photo%204.png Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash ac8c03c36f51602fcd811e98ee996d3d0ef82aae03330969b8751266ba4eb071 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:04 GMT Last-Modified Wed, 09 Dec 2020 13:03:53 GMT Server Apache/2.4.18 (Ubuntu) ETag "dc5fc-5b607b0eecc94" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 902652
GET H2	200	/ Show response ads.projectagoraservices.com/	27 KB 7 KB	23ms 8ms	Script application/javascript	2a02:26f0:64::210:6b1a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.projectagoraservices.com/?id=12481 Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a3adfd72686d10bf175e0bed4216c1dcd177bfe4d93a22594ee6a5e33339102a Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:03 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript cache-control private, no-cache, no-store, must-revalidate content-length 7006 expires Wed, 30 Dec 2020 09:25:03 GMT
GET H2	200	mrviral.co.1050042.js Show response jsc.adskeeper.co.uk/m/r/	225 KB 61 KB	67ms 30ms	Script text/javascript	104.19.133.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.co.uk/m/r/mrviral.co.1050042.js Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c0dd454079d261fdfc5b51466c414d696afffc6542d8721317fc3d77fd40ec0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding br cf-cache-status HIT age 489 cf-polished origSize=230044 last-modified Wed, 09 Dec 2020 14:45:28 GMT x-amz-request-id 632D2F6A432E499C x-amz-id-2 ZSOODDiLdaPghgrqyWQju6808Yh6n4evSVLPNkMdY3m9l6yW5fCfP4/d6a9Z8vDD9uBPMpaiT4I= cf-bgj minify server cloudflare etag W/"a735b0640b181faced3850ff64c42b17" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=14400 cf-request-id 075490257900000c69de396000000001 cf-ray 609ab61bfe0b0c69-AMS expires Wed, 30 Dec 2020 13:25:03 GMT
GET H/1.1	200 OK	jquery-3.4.1.min.js Show response load.mrviral.co/v2/v2/assets/js/lib/	86 KB 30 KB	36ms 36ms	Script application/javascript	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/js/lib/jquery-3.4.1.min.js Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:48 GMT Server Apache/2.4.18 (Ubuntu) ETag "15851-5b607b0ad4eec-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30677
GET H/1.1	200 OK	popper.min.js Show response load.mrviral.co/v2/v2/assets/js/lib/	21 KB 8 KB	29ms 27ms	Script application/javascript	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/js/lib/popper.min.js Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:49 GMT Server Apache/2.4.18 (Ubuntu) ETag "520c-5b607b0b1c38c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 7457
GET H/1.1	200 OK	bootstrap.min.js Show response load.mrviral.co/v2/v2/assets/js/lib/	57 KB 15 KB	34ms 32ms	Script application/javascript	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/js/lib/bootstrap.min.js Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:48 GMT Server Apache/2.4.18 (Ubuntu) ETag "e2d8-5b607b0af816c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 15437
GET H/1.1	200 OK	owl.carousel.min.js Show response load.mrviral.co/v2/v2/assets/js/plugins/	43 KB 11 KB	59ms 28ms	Script application/javascript	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/js/plugins/owl.carousel.min.js Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:48 GMT Server Apache/2.4.18 (Ubuntu) ETag "ad36-5b607b0a7152b-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 11412
GET H/1.1	200 OK	app.js Show response load.mrviral.co/v2/v2/assets/js/	2 KB 817 B	81ms 30ms	Script application/javascript	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/js/app.js Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash def2a365e3daa2c5da2cca76415cc4ee055084f88750b6f27a385beef90c899d Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:04 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:49 GMT Server Apache/2.4.18 (Ubuntu) ETag "6ca-5b607b0b4636d-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 468
GET H/1.1	200 OK	bootstrap.min.css load.mrviral.co/v2/v2/assets/css/inc/bootstrap/	156 KB 23 KB	30ms 29ms	Stylesheet text/css	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/css/inc/bootstrap/bootstrap.min.css Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6 Request headers Referer https://load.mrviral.co/v2/v2/assets/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:46 GMT Server Apache/2.4.18 (Ubuntu) ETag "26f1b-5b607b08f4768-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 23688
GET H/1.1	200 OK	owl.carousel.min.css load.mrviral.co/v2/v2/assets/css/inc/owl-carousel/	3 KB 1 KB	69ms 26ms	Stylesheet text/css	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/css/inc/owl-carousel/owl.carousel.min.css Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc Request headers Referer https://load.mrviral.co/v2/v2/assets/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:47 GMT Server Apache/2.4.18 (Ubuntu) ETag "d17-5b607b09513c9-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1068
GET H/1.1	200 OK	owl.theme.default.css load.mrviral.co/v2/v2/assets/css/inc/owl-carousel/	1 KB 898 B	90ms 30ms	Stylesheet text/css	108.61.209.214 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://load.mrviral.co/v2/v2/assets/css/inc/owl-carousel/owl.theme.default.css Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.61.209.214 Paris, France, ASN20473 (AS-CHOOPA, US), Reverse DNS 108.61.209.214.vultr.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3 Request headers Referer https://load.mrviral.co/v2/v2/assets/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 30 Dec 2020 09:25:03 GMT Content-Encoding gzip Last-Modified Wed, 09 Dec 2020 13:03:47 GMT Server Apache/2.4.18 (Ubuntu) ETag "564-5b607b0971769-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 562
GET H2	200	ionicons.min.css unpkg.com/ionicons@4.5.10-0/dist/css/	44 KB 7 KB	26ms 25ms	Stylesheet text/css	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/ionicons@4.5.10-0/dist/css/ionicons.min.css Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b82a2dd43936317fee3dc469880686b83caab009d9e71a9953f25bbe8c1b34ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/assets/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 365239 vary Accept-Encoding cf-request-id 07549024f00000d6c9d0325000000001 last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"b09c-0qR+qwWhl5h3I61TCWRhFVmJ40Y" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * x-cloud-trace-context 2439024e3f464f159d5ab8d39a6e9343 cache-control public, max-age=31536000 cf-ray 609ab61b194ad6c9-FRA
GET H2	200	css fonts.googleapis.com/	5 KB 514 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Heebo:100,300,400,500,700,800,900&display=swap Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2affb5ab55b68ca957404d808e676e697c7dfa83b35191319d7eaa1fa26d7e26 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/assets/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 30 Dec 2020 09:25:03 GMT server ESF date Wed, 30 Dec 2020 09:25:03 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 30 Dec 2020 09:25:03 GMT
GET H2	200	NGS6v5_NC0k9P9H2TbFhsqMA.woff2 fonts.gstatic.com/s/heebo/v9/	26 KB 27 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/heebo/v9/NGS6v5_NC0k9P9H2TbFhsqMA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Heebo:100,300,400,500,700,800,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15040aad269371439a14ae08b56199df71ce20bc0d476c61917dec53c11983fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://load.mrviral.co Referer https://fonts.googleapis.com/css?family=Heebo:100,300,400,500,700,800,900&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 25 Dec 2020 01:48:54 GMT x-content-type-options nosniff last-modified Fri, 26 Jun 2020 02:43:44 GMT server sffe age 459369 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27080 x-xss-protection 0 expires Sat, 25 Dec 2021 01:48:54 GMT
GET H3-Q050	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-56157376-1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 2096 date Wed, 30 Dec 2020 08:50:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Wed, 30 Dec 2020 10:50:07 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 67 B	13ms 12ms	XHR text/plain	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1784630416&t=pageview&_s=1&dl=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&dr=https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue&ul=en-us&de=UTF-8&dt=MrViral%20-%20Diet%20Lost%20Articles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1058648278&gjid=1738384485&cid=486271191.1609320304&tid=UA-56157376-1&_gid=1056940683.1609320304&_r=1&gtm=2oubu0&z=44702235 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://load.mrviral.co cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	postscribe.min.js Show response cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/	17 KB 6 KB	30ms 15ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Requested by Host: bidswitads.com URL: https://bidswitads.com/?uid=5d24cd5b95fb7a0012ef7512&w=300&h=250&click= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 365253 cross-origin-resource-policy cross-origin vary Accept-Encoding content-length 5117 cf-request-id 075490264700002c2e680fd000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03faa-45f4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YF9calPdOHCb%2BmkQoesUt2%2B0WylNmEkst7%2BCzOHYwkzWwAC5Z5%2BRtodnYEXQK0Sf4Vqt3PfhpXoT%2FTcEhE9mzomtiJYfmPkiRktFDokw4QuYeuO5CkLA9g3vaV7tfvQFMw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 609ab61d3f3b2c2e-FRA expires Mon, 20 Dec 2021 09:25:04 GMT
GET H2	200	prebid.js Show response projectagora.net/libs/prebidv3/	256 KB 75 KB	50ms 29ms	Script application/javascript	2606:4700:3035::6812:3c5e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagora.net/libs/prebidv3/prebid.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6812:3c5e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2ae0135c75c674d5cea853eed74d70e980e58df82e4187628c496f691e6762f Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4608 x-amz-request-id 40EAF7BB0DE2CC7D x-amz-id-2 raeJdnNlCJeM/Pss0Iy9xVMawneYEVQjysOoW76Zlnj+fmw6xK00BIdaV/3km7vYPeBl8xX4SQw= last-modified Wed, 14 Oct 2020 14:40:28 GMT server cloudflare etag W/"c023f73152f02e459390529cfb6ccb15" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N8ovYkkjwpgZJOSYu7fsIhQps8cTQ%2B0zwfDEz77Izp2RFMHxlM93DL8Yuldpvfg%2FIyTO1ChVNWidQdxBZ6kMxDgIxUGElolrpJr0oiDjjdlOxf8WjvVDtgH4ikba"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-request-id 075490264f00004aaa0b85e000000001 cf-ray 609ab61d4c6d4aaa-FRA
GET H2	200	/ Show response ads.projectagoraservices.com/	27 KB 7 KB	7ms 7ms	Script application/javascript	2a02:26f0:64::210:6b1a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.projectagoraservices.com/?id=12481 Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a3adfd72686d10bf175e0bed4216c1dcd177bfe4d93a22594ee6a5e33339102a Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript cache-control private, no-cache, no-store, must-revalidate content-length 7006 expires Wed, 30 Dec 2020 09:25:04 GMT
GET H2	200	/ Show response freegeoip.app/json/	204 B 869 B	46ms 29ms	XHR application/json	2606:4700:3033::ac43:bc9a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freegeoip.app/json/ Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1&showNoConsent=1&noConfirm=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:bc9a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b9619571c6e811506afd0988748f83d06ff3e0aa05e1242c576bc12ff45a3a5 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding br vary Origin cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} x-database-date Thu, 16 Jul 2020 08:44:46 GMT cf-request-id 075490267200004a73cc3db000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-ratelimit-remaining 14999 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uj%2Bhdc9MXpJRHZkiUNfQ9WHUhitk3%2B7XhlNZeLrmRVqVx3gP1AG9hN21b%2FFanl%2FYGSRSCvL7qEJB%2BNn2g13PosSPTpgW2tD7o%2FWhJQYXdLu1o6Iq7iBhv%2BiO"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://load.mrviral.co access-control-allow-credentials true x-ratelimit-reset 3600 x-ratelimit-limit 15000 cf-ray 609ab61d78bb4a73-FRA
GET H3-Q050	200	css fonts.googleapis.com/	2 KB 988 B	44ms 30ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 30 Dec 2020 08:58:27 GMT server ESF date Wed, 30 Dec 2020 09:25:04 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 30 Dec 2020 09:25:04 GMT
GET H2	200	cookiebar.min.css cdn.jsdelivr.net/npm/cookie-bar/themes/	4 KB 1 KB	6ms 5ms	Stylesheet text/css	2a04:4e42:3::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/cookie-bar/themes/cookiebar.min.css Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1&showNoConsent=1&noConfirm=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f01e41da7d7433620e5e5bad1557ed160f94c79902e41613b8fc09a1bd194f36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 20393 x-cache HIT cross-origin-resource-policy cross-origin content-length 1160 etag W/"1135-1Hoi9SXjWU+nRmQD07jOTc8EJzU" x-served-by cache-fra19180-FRA date Wed, 30 Dec 2020 09:25:04 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	en.html Show response cdn.jsdelivr.net/npm/cookie-bar/lang/	4 KB 2 KB	24ms 11ms	XHR text/plain	2a04:4e42:3::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/cookie-bar/lang/en.html Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?tracking=1&thirdparty=1&always=1&showNoConsent=1&noConfirm=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1dd4a74c078c80eb9f1158831965dcb60f16197e8666d6d57a46f37c2479d516 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 25078 x-cache HIT cross-origin-resource-policy cross-origin content-length 1208 etag W/"ebc-Hnu+A0nmPRqVBgttQIAudE7zqAI" x-served-by cache-fra19165-FRA date Wed, 30 Dec 2020 09:25:04 GMT vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 713 B	69ms 35ms	XHR application/json	185.33.220.241 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:04 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.136:80 AN-X-Request-Uuid 7b813e78-da7a-4e2a-bda2-20c32ed144e7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://load.mrviral.co Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	arj Show response projectagora-d.openx.net/w/1.0/	172 B 559 B	71ms 31ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=73991bb8-e632-4c87-aa11-9524df03ca29&nocache=1609320304333&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=20428196_mrviral.co_ros_300x250&auid=542527265 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 , United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.199.0 / Resource Hash 3a1b6ad6a1340950770937906fde34b73bbb229e1f2f0fe986f7ffb9c93a3993 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip server OXGW/16.199.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://load.mrviral.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 163 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	284 B 1 KB	92ms 27ms	XHR application/json	213.19.162.61 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=294828&zone_id=1873158&size_id=15&rp_schain=1.0,0!projectagora.com,101038,1,,,&rf=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&tk_flint=pbjs_lite_v4.10.0&x_source.tid=73991bb8-e632-4c87-aa11-9524df03ca29&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.813410789962191 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash eb3d1042303249d817f49d0ad56bc6bcf86f625d92d2fe68d69c309872ad5ffe Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:04 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://load.mrviral.co Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 284 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	284 B 1 KB	89ms 24ms	XHR application/json	213.19.162.61 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=294828&zone_id=1873158&size_id=15&rp_schain=1.0,0!projectagora.com,101038,1,,,&rf=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&tk_flint=pbjs_lite_v4.10.0&x_source.tid=77ec88ce-4b26-4ab3-85f8-466b7dba5378&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5050394412212109 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash b7da311de406fbc730142d04c93816ddc2550b0f12d934b7127565e00c33d5d4 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:04 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://load.mrviral.co Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 284 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	arj Show response projectagora-d.openx.net/w/1.0/	172 B 355 B	67ms 32ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=77ec88ce-4b26-4ab3-85f8-466b7dba5378&nocache=1609320304338&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=20428196_mrviral.co_ros_300x250&auid=542527265 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 , United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.199.0 / Resource Hash 753933315e655c24a794a9207cd1e735a3840bc7e288a5fe6ba3e36a5aec4cef Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip server OXGW/16.199.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://load.mrviral.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 163 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 713 B	50ms 20ms	XHR application/json	185.33.220.241 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:04 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.139:80 AN-X-Request-Uuid 082f8daf-7c41-466c-8bdc-342dd49067f6 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://load.mrviral.co Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pa_backupads_lib.js Show response projectagoralibs.com/libs/ Frame 24E7	4 KB 1 KB	36ms 12ms	Script application/javascript	2606:4700:e2::ac40:8f06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/pa_backupads_lib.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4582 x-amz-request-id A34795DBEB95C6FF x-amz-id-2 gdp5Re7KzV6o5+wbfMLO3l5Uke2oAHJtmNUwWlOvLMw6glg0b0eqqq180erR/EhF3R74bKFho0Y= last-modified Tue, 27 Oct 2020 14:01:47 GMT server cloudflare etag W/"388809d00c3186d72408292dde1dfc83" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L%2FUljlNML3vz0CgiNl8xK5FhxgKA%2FSC6U7HzhxFH6eMXScCx3%2BTZZPCUVYtpn9R0CI0ABX1oAhK5sjGJjuxeUIK%2B9g8WIT0%2FSnZ8fKUPgdQzSEu1RcYsmbjdxa0u%2FtaO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-request-id 075490274f00004a8512317000000001 cf-ray 609ab61eea5c4a85-FRA
GET H2	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 24E7	92 KB 33 KB	44ms 21ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 33111 x-xss-protection 0 server cafe etag 3338715496686780052 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 30 Dec 2020 09:25:04 GMT
GET H/1.1	204 No Content	/ projectagora-483829-hdb.adomik.com/	0 103 B	151ms 34ms	Image text/plain	34.255.253.25 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDQxNjYyMzAtNDgyZi00YTY5LTkzNzEtNTg2YWIxZTA3Y2U0IiwiaG9zdG5hbWUiOiJsb2FkLm1ydmlyYWwuY28iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJSVUJJQ09OIn0seyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX1dfQ%3D%3D&id=44166230-482f-4a69-9371-586ab1e07ce4&part=0&on=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.255.253.25 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-253-25.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Date Wed, 30 Dec 2020 09:25:04 GMT Server nginx
GET H2	200	pa_backupads_lib.js Show response projectagoralibs.com/libs/ Frame 4BA1	4 KB 2 KB	31ms 12ms	Script application/javascript	2606:4700:e2::ac40:8f06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/pa_backupads_lib.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4582 x-amz-request-id A34795DBEB95C6FF x-amz-id-2 gdp5Re7KzV6o5+wbfMLO3l5Uke2oAHJtmNUwWlOvLMw6glg0b0eqqq180erR/EhF3R74bKFho0Y= last-modified Tue, 27 Oct 2020 14:01:47 GMT server cloudflare etag W/"388809d00c3186d72408292dde1dfc83" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fa2Ao7Kb0r7RPhnVlUDDZRwDnWXo%2F6XmSJBhwMxQx6A3YAaVRQm%2FXQFmte69D4kJRbJ5A%2FKUpxNZjA%2BBR3qvje2%2FljoEy0TKNcTSScQluLeQWQKgxEz9Ek7NLT1XHQA0sA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-request-id 075490274f00004a85bdbaf000000001 cf-ray 609ab61eea614a85-FRA
GET H2	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 4BA1	92 KB 32 KB	45ms 26ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 33111 x-xss-protection 0 server cafe etag 3338715496686780052 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 30 Dec 2020 09:25:04 GMT
GET H3-Q050	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 24E7	234 KB 87 KB	59ms 44ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 89527 x-xss-protection 0 server cafe etag 1810063338415286733 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 30 Dec 2020 09:25:04 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame CB3B	0 0	6ms 5ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20201203/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 29 Dec 2020 10:01:15 GMT expires Tue, 12 Jan 2021 10:01:15 GMT content-type text/html; charset=UTF-8 etag 10723747146953794269 x-content-type-options nosniff content-encoding gzip server cafe content-length 4923 x-xss-protection 0 age 84229 cache-control public, max-age=1209600 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 4BA1	234 KB 88 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 89527 x-xss-protection 0 server cafe etag 1810063338415286733 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 30 Dec 2020 09:25:04 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 4BA1	200 B 259 B	84ms 31ms	Script text/javascript	172.217.21.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=load.mrviral.co&callback=_gfp_s_&client=ca-pub-2500372977609723 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.21.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s13-in-f226.1e100.net Software cafe / Resource Hash 963363c1bf53d80a0cc6cdd3065fc2d200d91965230a56461c4e2b7615314838 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 191 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 4BA1	107 B 799 B	37ms 15ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=load.mrviral.co&meb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 4BA1	107 B 799 B	36ms 15ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=load.mrviral.co&meb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	adtag_blank.html projectagoralibs.com/libs/ Frame 4F94 Redirect Chain https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2500372977609723&output=html&h=250&slotname=PA_GR_OptimaNetwork%2Fmrviral.co%2F20428196_mrviral.co_ros_300x250&adk=... https://projectagoralibs.com/libs/adtag_blank.html	0 0	23ms 22ms	Document text/html	2606:4700:e2::ac40:8f06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/adtag_blank.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority projectagoralibs.com :scheme https :path /libs/adtag_blank.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-type text/html set-cookie __cfduid=d2f27267818892c974e441b72549a05b21609320304; expires=Fri, 29-Jan-21 09:25:04 GMT; path=/; domain=.projectagoralibs.com; HttpOnly; SameSite=Lax; Secure x-amz-id-2 PzKeOpT69WPpQZO/ebXUC8ck7nAfSx+8EJCTHipoP98REqdTgYLGdAxyVSYfY1ImfZo53+7c+xg= x-amz-request-id 4C4F8D4E26FDE1CE last-modified Thu, 18 Jun 2020 07:01:49 GMT cf-cache-status DYNAMIC cf-request-id 07549028f500004a85e7b77000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g0zZn5DLa4voEsdUKsiUSqfndlTAoqEb%2B4s1zf%2FaR4bxEXAQX5f4Re5r8IKkOQBOlAvFlnyWS%2BRat9GyBDHwgmqMR9oYwBU29Q71krPEhvTwYzReRpR986RAU8q%2BZJJZUA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 609ab621894a4a85-FRA content-encoding gzip Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin location https://projectagoralibs.com/libs/adtag_blank.html content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 30 Dec 2020 09:25:04 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 30-Dec-2020 09:40:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 4BA1	74 KB 28 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1607690616793149" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28334 x-xss-protection 0 expires Wed, 30 Dec 2020 09:25:04 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 24E7	200 B 638 B	64ms 30ms	Script text/javascript	172.217.21.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=load.mrviral.co&callback=_gfp_s_&client=ca-pub-2500372977609723 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.21.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s13-in-f226.1e100.net Software cafe / Resource Hash bfc6feea42e95dc56c2b196ffee527c0e5e5bcb4d5cc986b6781330c38153dd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 189 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 24E7	109 B 172 B	18ms 16ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=load.mrviral.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 24E7	109 B 172 B	19ms 17ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=load.mrviral.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	adtag_blank.html projectagoralibs.com/libs/ Frame FF13 Redirect Chain https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2500372977609723&output=html&h=250&slotname=PA_GR_OptimaNetwork%2Fmrviral.co%2F20428196_mrviral.co_ros_300x250&adk=... https://projectagoralibs.com/libs/adtag_blank.html	0 0	37ms 37ms	Document text/html	2606:4700:e2::ac40:8f06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/adtag_blank.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority projectagoralibs.com :scheme https :path /libs/adtag_blank.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-type text/html set-cookie __cfduid=d2f27267818892c974e441b72549a05b21609320304; expires=Fri, 29-Jan-21 09:25:04 GMT; path=/; domain=.projectagoralibs.com; HttpOnly; SameSite=Lax; Secure x-amz-id-2 GCbgVm0cigas00yt6JJ9eDwD6kmTfWNLKR+5XWV2vjrsZdyIVUA+YyeTYWKBgXszCFcZg0Tg7l0= x-amz-request-id 756F7D71966AEB45 last-modified Thu, 18 Jun 2020 07:01:49 GMT cf-cache-status DYNAMIC cf-request-id 075490292900004a85062a8000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dmwwK2RRhjxbMvSrOjatTdSB4nTA%2Fc6AhRwfHfCty51DS%2B1ZkXB9kK8nx06t8%2BUDcRIk83r8Z4Jk0IHKJPHxzrDshYYoeWajoDTo7iDvhGGp0FIn%2B3pes5oUBXXDVgEqsg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 609ab621da244a85-FRA content-encoding gzip Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin location https://projectagoralibs.com/libs/adtag_blank.html content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 30 Dec 2020 09:25:04 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 30-Dec-2020 09:40:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 24E7	74 KB 28 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:04 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1607690616793149" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28334 x-xss-protection 0 expires Wed, 30 Dec 2020 09:25:04 GMT
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/ Frame 4BA1	69 KB 19 KB	68ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/loader.js Requested by Host: officecdn.microsofct.com URL: https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ef47fc3255dfd6ac05a9984e590239dae731a6b62225ef740c89aa9894122621 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id QPdnFNM2mzMVfEbwiGhTd2WTILC3DKIu content-encoding gzip etag "efe68b6e97b0da0654c0e7789f3c2926" age 25 x-cache HIT content-length 19126 x-amz-id-2 fQQrBKSV8SQNSWCOgC9C1y71jZK8ihDqwaL1tLqoSFhjn9KbABJNRk/7V1qyqLotONoEh720QK4= x-served-by cache-fra19136-FRA last-modified Tue, 29 Dec 2020 14:10:55 GMT server AmazonS3 x-timer S1609320305.977146,VS0,VE1 date Wed, 30 Dec 2020 09:25:04 GMT vary Accept-Encoding x-amz-request-id FRCQAX1SET5P0X9M via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 52 x-cache-hits 1
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/ Frame 24E7	69 KB 19 KB	22ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/loader.js Requested by Host: officecdn.microsofct.com URL: https://officecdn.microsofct.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ef47fc3255dfd6ac05a9984e590239dae731a6b62225ef740c89aa9894122621 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id QPdnFNM2mzMVfEbwiGhTd2WTILC3DKIu content-encoding gzip etag "efe68b6e97b0da0654c0e7789f3c2926" age 25 x-cache HIT content-length 19126 x-amz-id-2 fQQrBKSV8SQNSWCOgC9C1y71jZK8ihDqwaL1tLqoSFhjn9KbABJNRk/7V1qyqLotONoEh720QK4= x-served-by cache-fra19136-FRA last-modified Tue, 29 Dec 2020 14:10:55 GMT server AmazonS3 x-timer S1609320305.997159,VS0,VE0 date Wed, 30 Dec 2020 09:25:04 GMT vary Accept-Encoding x-amz-request-id FRCQAX1SET5P0X9M via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 52 x-cache-hits 2
GET H2	200	impl.20201229-13-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame 4BA1	450 KB 104 KB	22ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 36e8c21ca3fd2744c216dbcc492ce5b418d0bda5c3a6027108205c05be1732aa Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id M_r6Q_mUB8rtHR7uybIOFjVKcHh2Mn5h content-encoding br etag "4da478e9b3219c99260a47cbedc87cfb" age 15616 x-cache HIT content-length 105966 x-amz-id-2 M7xFgwuiZheVyjeRpxctkcse9KiZlsIPpC3vFDLxtPhvgcDbJ1aVZezEojzwlZFDMzvYyrldC9I= x-served-by cache-fra19136-FRA last-modified Tue, 29 Dec 2020 13:02:48 GMT server AmazonS3-br x-timer S1609320305.018419,VS0,VE0 date Wed, 30 Dec 2020 09:25:05 GMT vary Accept-Encoding x-amz-request-id 20AC8388A72A80B5 via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript abp 97 x-cache-hits 75412
GET H2	200	impl.20201229-13-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame 24E7	450 KB 104 KB	36ms 36ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 36e8c21ca3fd2744c216dbcc492ce5b418d0bda5c3a6027108205c05be1732aa Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id M_r6Q_mUB8rtHR7uybIOFjVKcHh2Mn5h content-encoding br etag "4da478e9b3219c99260a47cbedc87cfb" age 15616 x-cache HIT content-length 105966 x-amz-id-2 M7xFgwuiZheVyjeRpxctkcse9KiZlsIPpC3vFDLxtPhvgcDbJ1aVZezEojzwlZFDMzvYyrldC9I= x-served-by cache-fra19136-FRA last-modified Tue, 29 Dec 2020 13:02:48 GMT server AmazonS3-br x-timer S1609320305.029560,VS0,VE0 date Wed, 30 Dec 2020 09:25:05 GMT vary Accept-Encoding x-amz-request-id 20AC8388A72A80B5 via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript abp 97 x-cache-hits 75413
GET H2	200	json Show response trc.taboola.com/mrviral300x250gr-r20428196/trc/3/ Frame 4BA1	5 KB 3 KB	167ms 120ms	XHR application/javascript	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/mrviral300x250gr-r20428196/trc/3/json?tim=10%3A25%3A05.078&lti=deflated&data=%7B%22id%22%3A36%2C%22ii%22%3A%22%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1609251050399%2C%22vi%22%3A1609320305076%2C%22cv%22%3A%2220201229-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2220428196%22%2C%22orig_uip%22%3A%2220428196%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html%2C20428196%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash b589ef54fd3fdd6a3476061da5935c98d5d71a70264129f0d3159c3bee8f750c Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers x-vcl-time-ms 98 date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip server nginx x-timer S1609320305.139633,VS0,VE98 x-served-by cache-hhn11563-HHN vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://load.mrviral.co access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
GET H2	200	json Show response trc.taboola.com/mrviral300x250gr-r20428196/trc/3/ Frame 24E7	5 KB 3 KB	214ms 199ms	XHR application/javascript	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/mrviral300x250gr-r20428196/trc/3/json?tim=10%3A25%3A05.112&lti=deflated&data=%7B%22id%22%3A121%2C%22ii%22%3A%22%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1609251050399%2C%22vi%22%3A1609320305076%2C%22cv%22%3A%2220201229-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2220428196%22%2C%22orig_uip%22%3A%2220428196%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html%2C20428196%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 47410b30ba65a610c95bae1fdbf72e0896ded6c92d3d2197c35bc3b0103e6f94 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers x-vcl-time-ms 177 date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip server nginx x-timer S1609320305.139617,VS0,VE177 x-served-by cache-hhn11563-HHN vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://load.mrviral.co access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
GET H2	200	userx.20201229-13-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame 4BA1	23 KB 8 KB	22ms 22ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/userx.20201229-13-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 104c4504b7ba97f70a2670bb561e4de6b70143e2fc6b84dd71e1fb9e6f0b0f70 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id N8DtXtIYaQmPclI4pah6y9nYk07RaYWc content-encoding gzip etag "13200606e31e91a6d40423f2b15dccf7" age 47 x-cache HIT x-amz-replication-status COMPLETED content-length 7879 x-amz-id-2 zFZ+0vdNuQ1PbHLwBv3jH7h0uwv2At1hnc0dGVHq1uJQLHUJkMcU/rT17qFo0tBQ0VWV5avQjTg= x-served-by cache-fra19136-FRA last-modified Tue, 29 Dec 2020 13:06:35 GMT server AmazonS3 x-timer S1609320305.285272,VS0,VE0 date Wed, 30 Dec 2020 09:25:05 GMT vary Accept-Encoding x-amz-request-id B156C74040C5B3E7 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 31 x-cache-hits 69
GET H2	200	rtb-h match.taboola.com/sg/mediaforcebidder-network/1/ Frame F84B Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=taboola https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-...	0 68 B	33ms 31ms	Image text/plain	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-4e1f-9057-7abc7a74351b&isDirect=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320305.435486,VS0,VE10 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-fra19136-FRA Redirect headers location https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-4e1f-9057-7abc7a74351b&isDirect=0 tbl-x-upstream 10.40.0.134:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 1916
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame F84B	0 239 B	114ms 31ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=16698 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/gif
GET H2	204	/ sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame F84B Redirect Chain https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mnYdJD1dQu1F&ev=1&orig=trc&pid=562107	0 217 B	16ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mnYdJD1dQu1F&ev=1&orig=trc&pid=562107 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.41.34.64:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 8775 Redirect headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" content-language en-US location https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=mnYdJD1dQu1F&ev=1&orig=trc&pid=562107 cache-control private, max-age=0, no-cache, no-store cw-server bh-deployment-659d447f4f-p7jlj expires -1
GET H/1.1	200 OK	getuidnb ib.adnxs.com/ Frame F84B	43 B 693 B	22ms 19ms	Image image/gif	185.33.220.241 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80 AN-X-Request-Uuid 154a24fd-c6c3-416b-93bb-59cfac9173b6 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ trc.taboola.com/sg/google-network/1/rtb-h/ Frame F84B Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBarg1MvvdKUPqLCyQuTnQI&google_cver=1	0 55 B	32ms 30ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBarg1MvvdKUPqLCyQuTnQI&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 9 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320305.382918,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11563-HHN Redirect headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEBarg1MvvdKUPqLCyQuTnQI&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame F84B	42 B 1009 B	94ms 22ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1:$UID Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Cnection close Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT X-lat Pug23004:0:264 Server Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Content-Type image/gif; charset=utf-8 Content-Length 42
GET H2	200	pixel cm.g.doubleclick.net/ Frame F84B Redirect Chain https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1	170 B 243 B	31ms 31ms	Image image/png	216.58.207.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s25-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 tbl-x-upstream 10.41.22.84:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 1871
GET H2	200	/ trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame F84B Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a	0 54 B	31ms 30ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 9 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320305.439560,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11563-HHN Redirect headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a cache-control private,no-cache, must-revalidate content-type text/html content-length 239
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame F84B Redirect Chain https://ce.lijit.com/merge?pid=42&3pid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent= https://ce.lijit.com/merge?pid=42&3pid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1	0 433 B	17ms 16ms	Image text/plain	72.251.249.13 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=42&3pid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap2ams1 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=42&3pid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent=&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap2ams1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	rtset bh.contextweb.com/bh/ Frame F84B	49 B 406 B	275ms 88ms	Image image/gif	198.148.27.139 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-US p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-659d447f4f-q6s5v expires -1
GET H2	200	rtb-h sync.taboola.com/sg/storygize-network/1/ Frame F84B Redirect Chain https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301	0 226 B	16ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.40.0.134:10213 date Wed, 30 Dec 2020 09:25:06 GMT server nginx x-fastly-to-nlb-rtt 7360 Redirect headers Location https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301 Pragma no-cache cache-control no-cache, no-store, must-revalidate Connection keep-alive P3P CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL Content-Length 0 expires 0
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame F84B	43 B 697 B	77ms 26ms	Image image/gif	185.86.137.110 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT cache-control no-cache,no-store content-type image/gif transfer-encoding chunked p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H/1.1	200 OK	sync dsp.adkernel.com/ Frame F84B	42 B 233 B	279ms 92ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H2	200	put e1.emxdgt.com/ Frame F84B	43 B 124 B	121ms 30ms	Image image/gif	18.195.155.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d41&uid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-155-181.eu-central-1.compute.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-length 43 x-nosync emp content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F84B Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4	0 227 B	24ms 15ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.41.34.201:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 3551 Redirect headers pragma no-cache x-errorlevel 0 date Wed, 30 Dec 2020 09:25:04 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4 cache-control no-cache server-processing-duration-in-ticks 1998 content-type text/html; charset=utf-8 content-length 222 expires Wed, 30 Dec 2020 00:00:00 GMT
GET		7.gif id5-sync.com/c/464/146/1/ Frame F84B Redirect Chain https://id5-sync.com/s/464/9.gif?puid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D... https://id5-sync.com/c/464/464/7/1.gif?puid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&gdpr=1&gdpr_consent= https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOUoH7BLRYgX9R7Jodgeh2411NWWiy6S2ChBcdEQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D... https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOUoH7BLRYgX9R7Jodgeh2411NWWiy6S2ChBcdEQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp... https://id5-sync.com/cq/464/124/6/2.gif?puid=79818121-23ba-4fee-97c1-a1634c4b68fc&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://id5-sync.com/c/464/19/5/3.gif?puid=24e096171ea768cbe2c0565ee776b15b&gdpr=1&gdpr_consent= https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/101/4/4.gif?puid=2f41b7de-2d09-41bc-9743-db35e06a09d7&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd... https://id5-sync.com/c/464/108/3/5.gif?puid=e7332499-4a80-11eb-8a81-ba8f63c18f37&gdpr=1&gdpr_consent= https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/112/2/6.gif?puid=7B19D3F24201C154&gdpr=1&gdpr_consent= https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/146/1/7.gif?puid=d403cea4-8aae-4016-ad6d-4dc542edcf09&gdpr=1&gdpr_consent=	0 0
GET H2	204	rtb-h sync.taboola.com/sg/appierrtb-network/1/ Frame F84B Redirect Chain https://s.c.appier.net/taboola https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nwzW5VQcBla7PmMNcUfsXw	0 219 B	16ms 15ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nwzW5VQcBla7PmMNcUfsXw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.41.34.222:10213 date Wed, 30 Dec 2020 09:25:06 GMT server nginx x-fastly-to-nlb-rtt 10069 Redirect headers location https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nwzW5VQcBla7PmMNcUfsXw date Wed, 30 Dec 2020 09:25:05 GMT cache-control no-store server nginx content-type text/html; charset=utf-8 content-length 110 p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame F84B	35 B 380 B	403ms 101ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-ServerName Track002-dc3 Pragma no-cache Date Wed, 30 Dec 2020 09:24:21 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H/1.1	204 No Content	/ cds.taboola.com/ Frame F84B	0 155 B	268ms 88ms	Image text/plain	141.226.224.32 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cds.taboola.com/?uid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&_r=6351350 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 30 Dec 2020 09:25:05 GMT Cache-Control no-store Server nginx Connection close
GET H2	200	rtb-h sync-t1.taboola.com/sg/bidswitch-network/1/ Frame F84B Redirect Chain https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola https://x.bidswitch.net/sync?dsp_id=188&user_id=IbWDLNq7Rsdg2EMd0Ug6J7nUq0M&user_group=1&ssp=taboola https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a	0 226 B	16ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.41.22.84:10213 date Wed, 30 Dec 2020 09:25:06 GMT server nginx x-fastly-to-nlb-rtt 8143 Redirect headers location //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a date Wed, 30 Dec 2020 09:25:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	33055d9ec07f8373445976ea0aeea9b5.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4BA1	11 KB 12 KB	25ms 23ms	Image image/jpeg	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/33055d9ec07f8373445976ea0aeea9b5.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 68e1992041dbb926e2ae311cc0a8e64d108dc2a128dc0429b84be784f01b7e4a Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 1 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 3486280 edge-cache-tag 369291807495640604778561702959407628839,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70 expiration expiry-date="Sun, 20 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/33055d9ec07f8373445976ea0aeea9b5.jpg content-length 11591 x-served-by cache-dca17756-DCA, cache-dca17752-DCA, cache-hhn11563-HHN last-modified Thu, 19 Nov 2020 11:34:13 GMT server cloudinary x-timer S1609320306.527233,VS0,VE1 etag "00c9119dffcd4185eca2b4df560c8a13" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=7776000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 1
GET H2	200	/ Show response ads.projectagoraservices.com/	27 KB 7 KB	8ms 7ms	Script application/javascript	2a02:26f0:64::210:6b1a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.projectagoraservices.com/?id=12481 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:64::210:6b1a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a3adfd72686d10bf175e0bed4216c1dcd177bfe4d93a22594ee6a5e33339102a Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript cache-control private, no-cache, no-store, must-revalidate content-length 7006 expires Wed, 30 Dec 2020 09:25:05 GMT
GET H2	200	f539211219b796ffbb49949997c764f0.png cdn.taboola.com/libtrc/static/thumbnails/ Frame 4BA1	254 B 649 B	22ms 22ms	Image image/png	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC via 1.1 varnish etag "dfa7b52c86e56bd67fa4002f6ed19854" age 19685 x-cache HIT x-amz-replication-status COMPLETED content-length 254 x-amz-id-2 Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4= x-served-by cache-fra19136-FRA last-modified Wed, 24 Jun 2015 07:14:11 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567 x-timer S1609320305.325895,VS0,VE0 date Wed, 30 Dec 2020 09:25:05 GMT x-amz-request-id F6D91014AAA6CDC4 cache-control private,max-age=31536000 accept-ranges bytes content-type image/png abp 31 x-cache-hits 12934
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 712 B	34ms 33ms	XHR application/json	185.33.220.241 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80 AN-X-Request-Uuid de8c3dfa-99f8-45bf-81ea-ef8df1952956 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://load.mrviral.co Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	284 B 763 B	29ms 28ms	XHR application/json	213.19.162.61 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=294828&zone_id=1873158&size_id=15&rp_schain=1.0,0!projectagora.com,101038,1,,,&rf=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&tk_flint=pbjs_lite_v4.10.0&x_source.tid=d37764a1-d50e-4a97-bcd3-7ee438a99597&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4097944845646504 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash e472ee69e56cecf3da512076a55967ce2e38f0052fc9c728f8b37c9bc80978f7 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://load.mrviral.co Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 284 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	arj Show response projectagora-d.openx.net/w/1.0/	173 B 360 B	37ms 36ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d37764a1-d50e-4a97-bcd3-7ee438a99597&nocache=1609320305326&schain=1.0%2C0!projectagora.com%2C101038%2C1%2C%2C%2C&aus=300x250&divIds=20428196_mrviral.co_ros_300x250&auid=542527265 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 , United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.199.0 / Resource Hash 2acaaf569e4fe5cde93da1425836e54fe67fe7be742f108ff9a8dad22833c53c Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip server OXGW/16.199.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://load.mrviral.co cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 164 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	rtb-h match.taboola.com/sg/mediaforcebidder-network/1/ Frame D411 Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=taboola https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-...	0 52 B	31ms 30ms	Image text/plain	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-4e1f-9057-7abc7a74351b&isDirect=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320306.593003,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-fra19136-FRA Redirect headers location https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&tbid=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&query=taboola_hm%3Da26bf6dd-7e4f-4e1f-9057-7abc7a74351b&isDirect=0 tbl-x-upstream 10.40.0.134:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 7913
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame D411	0 239 B	33ms 33ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=16698 Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/gif
GET H2	204	/ sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame D411 Redirect Chain https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=XtJY8eV0v01i&ev=1&orig=trc&pid=562107	0 217 B	17ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=XtJY8eV0v01i&ev=1&orig=trc&pid=562107 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.40.0.175:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 6499 Redirect headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" content-language en-US location https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=XtJY8eV0v01i&ev=1&orig=trc&pid=562107 cache-control private, max-age=0, no-cache, no-store cw-server bh-deployment-659d447f4f-q6s5v expires -1
GET H/1.1	200 OK	getuidnb ib.adnxs.com/ Frame D411	43 B 692 B	16ms 16ms	Image image/gif	185.33.220.241 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT X-Proxy-Origin 185.212.171.67; 185.212.171.67; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80 AN-X-Request-Uuid c3be0b05-1fad-4204-a635-70be422fef7c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ trc.taboola.com/sg/google-network/1/rtb-h/ Frame D411 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAo6u0jhDXmflbYNUB3Hm_8&google_cver=1	0 54 B	32ms 31ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAo6u0jhDXmflbYNUB3Hm_8&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 9 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320305.383402,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11563-HHN Redirect headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAo6u0jhDXmflbYNUB3Hm_8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame D411 Redirect Chain https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1	170 B 232 B	32ms 32ms	Image image/png	216.58.207.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s25-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1 tbl-x-upstream 10.41.34.64:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 1863
GET H2	200	/ trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D411 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a	0 245 B	31ms 30ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 9 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320306.617598,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11563-HHN Redirect headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=6f8b3c53-1c27-44d0-91f1-639be757c99a cache-control private,no-cache, must-revalidate content-type text/html content-length 239
GET H/1.1	200 OK	sync dsp.adkernel.com/ Frame D411	42 B 233 B	156ms 91ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D411 Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4	0 227 B	17ms 17ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.41.34.222:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 7160 Redirect headers pragma no-cache x-errorlevel 0 date Wed, 30 Dec 2020 09:25:04 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=ce8e14a6-fe32-4e42-9a61-ecd68ef588d4 cache-control no-cache server-processing-duration-in-ticks 2740 content-type text/html; charset=utf-8 content-length 222 expires Wed, 30 Dec 2020 00:00:00 GMT
GET H2	204	rtb-h sync.taboola.com/sg/appierrtb-network/1/ Frame D411 Redirect Chain https://s.c.appier.net/taboola https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YPxWF5kUAIa--PNkcUfsXw	0 218 B	17ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YPxWF5kUAIa--PNkcUfsXw Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.40.0.199:10213 date Wed, 30 Dec 2020 09:25:06 GMT server nginx x-fastly-to-nlb-rtt 10069 Redirect headers location https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YPxWF5kUAIa--PNkcUfsXw date Wed, 30 Dec 2020 09:25:05 GMT cache-control no-store server nginx content-type text/html; charset=utf-8 content-length 110 p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame D411	35 B 380 B	349ms 101ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-ServerName Track004-dc3 Pragma no-cache Date Wed, 30 Dec 2020 09:24:21 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H2	200	rtb-h sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D411 Redirect Chain https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=996116dc-5a99-4717-abb8-b1e62393392a https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a26bf6dd-7e4f-4e1f-9057-7abc7a74351b&ssp=taboola https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a	0 227 B	16ms 16ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.40.0.175:10213 date Wed, 30 Dec 2020 09:25:05 GMT server nginx x-fastly-to-nlb-rtt 11231 Redirect headers location //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=996116dc-5a99-4717-abb8-b1e62393392a date Wed, 30 Dec 2020 09:25:05 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	userx.20201229-13-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame 24E7	23 KB 8 KB	31ms 31ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/userx.20201229-13-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/mrviral300x250gr-r20428196/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 104c4504b7ba97f70a2670bb561e4de6b70143e2fc6b84dd71e1fb9e6f0b0f70 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id N8DtXtIYaQmPclI4pah6y9nYk07RaYWc content-encoding gzip etag "13200606e31e91a6d40423f2b15dccf7" age 47 x-cache HIT x-amz-replication-status COMPLETED content-length 7879 x-amz-id-2 zFZ+0vdNuQ1PbHLwBv3jH7h0uwv2At1hnc0dGVHq1uJQLHUJkMcU/rT17qFo0tBQ0VWV5avQjTg= x-served-by cache-fra19136-FRA last-modified Tue, 29 Dec 2020 13:06:35 GMT server AmazonS3 x-timer S1609320305.353257,VS0,VE0 date Wed, 30 Dec 2020 09:25:05 GMT vary Accept-Encoding x-amz-request-id B156C74040C5B3E7 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 31 x-cache-hits 70
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Frame D411	42 B 1009 B	23ms 22ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1:$UID Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Cnection close Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT X-lat Pug23005:0:302 Server Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Cache-Control no-store, no-cache, private Content-Type image/gif; charset=utf-8 Content-Length 42
GET H/1.1	200 OK	merge ce.lijit.com/ Frame D411	43 B 687 B	18ms 17ms	Image image/gif	72.251.249.13 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=42&3pid=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&us_privacy=&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap2ams1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	rtset bh.contextweb.com/bh/ Frame D411	49 B 333 B	90ms 90ms	Image image/gif	198.148.27.139 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-US p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-659d447f4f-q6s5v expires -1
GET H2	200	rtb-h sync.taboola.com/sg/storygize-network/1/ Frame D411 Redirect Chain https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1 https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301	0 226 B	17ms 17ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers tbl-x-upstream 10.40.0.134:10213 date Wed, 30 Dec 2020 09:25:06 GMT server nginx x-fastly-to-nlb-rtt 6682 Redirect headers Location https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301 Pragma no-cache cache-control no-cache, no-store, must-revalidate Connection keep-alive P3P CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL Content-Length 0 expires 0
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame D411	43 B 438 B	25ms 25ms	Image image/gif	185.86.137.110 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT cache-control no-cache,no-store content-type image/gif transfer-encoding chunked p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	200	put e1.emxdgt.com/ Frame D411	43 B 75 B	23ms 22ms	Image image/gif	18.195.155.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d41&uid=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-155-181.eu-central-1.compute.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-length 43 x-nosync emp content-type image/gif
GET		8.gif id5-sync.com/c/464/441/0/ Frame D411 Redirect Chain https://id5-sync.com/s/464/9.gif?puid=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D... https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/6/2.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://id5-sync.com/c/464/19/6/2.gif?puid=24e096171ea768cbe2c0565ee776b15b&gdpr=1&gdpr_consent= https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/101/5/3.gif?puid=e5f4dd07-e295-46fb-8a9e-5c41b0a3810c&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F4%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd... https://id5-sync.com/c/464/108/4/4.gif?puid=e7332499-4a80-11eb-8a81-ba8f63c18f37&gdpr=1&gdpr_consent= https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F3%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/112/3/5.gif?puid=7B19D3F24201C154&gdpr=1&gdpr_consent= https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F2%2F6.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/464/146/2/6.gif?puid=d403cea4-8aae-4016-ad6d-4dc542edcf09&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F398%2F1%2F7.... https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjRlMDk2MTcxZWE3NjhjYmUyYzA1NjVlZTc3NmIxNWI&google_redir=https://id5-sync.com/c/464/398/1/7.gif?puid=MjRlMDk2MTcxZWE3NjhjYmUyYzA1N... https://id5-sync.com/c/464/398/1/7.gif?puid=MjRlMDk2MTcxZWE3NjhjYmUyYzA1NjVlZTc3NmIxNWI&gdpr=1&gdpr_consent= https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F0%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= https://id5-sync.com/c/464/441/0/8.gif?puid=e_03da0e45-d618-43d8-92a1-3ae3b95e2da2&gdpr=1&gdpr_consent=	0 0
GET H/1.1	204 No Content	/ cds.taboola.com/ Frame D411	0 155 B	263ms 88ms	Image text/plain	141.226.224.32 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cds.taboola.com/?uid=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&_r=6691661 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 30 Dec 2020 09:25:05 GMT Cache-Control no-store Server nginx Connection close
GET H2	204	fix-user-id trc.taboola.com/mrviral300x250gr-r20428196/log/3/ Frame 24E7	0 90 B	31ms 31ms	Image image/gif	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/mrviral300x250gr-r20428196/log/3/fix-user-id?lti=deflated&ri=a68a11d321ed6ac4daaf99edfd3a922b&sd=v2_899703507aff8412c8d9ec22f8c296cc_c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1_1609320305_1609320305_CKaL-BsQ7-BRGLSj3JfrLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&ui=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&pi=/v2/v2/worst-diet-mistakes-1.html&wi=3409185702036153321&pt=text&vi=1609320305076&time=1609320305336&fromUser=d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1&toUser=c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1&fromSD=v2_f8e18f094cbc3353f30b13ecec882c97_d22f7e94-171a-4951-bb89-ac7955ccdf9a-tuct6e5ccf1_1609320305_1609320305_CKaL-BsQ7-BRGLSj3JfrLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&toSD=v2_899703507aff8412c8d9ec22f8c296cc_c838764d-5822-4a44-98db-b40ec81c9bd2-tuct6e5ccf1_1609320305_1609320305_CKaL-BsQ7-BRGLSj3JfrLiABKAEwoQE4l-oLQJWXEEj-0toDUP___________wFYAGAAaOKmqpGyrZficA&tim=10%3A25%3A05.337&id=1649&llvl=1&cv=20201229-13-RELEASE& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 9 pragma no-cache date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish server nginx x-timer S1609320305.354849,VS0,VE9 x-served-by cache-hhn11563-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	200	c98a8254d637665e0c2e0f343135de11.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 24E7	11 KB 12 KB	27ms 26ms	Image image/jpeg	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c98a8254d637665e0c2e0f343135de11.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 7d13ae6b9c70c2ad6db5d180443fb6da82fc6c17958a0e79b3549e774b9caed3 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 5 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 2494871 edge-cache-tag 390488622230599119048482131454963415469,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c98a8254d637665e0c2e0f343135de11.png content-length 11682 x-request-id 12c3abe9248a720c7179f7bc443169d4 x-served-by cache-dca17760-DCA, cache-dca17755-DCA, cache-hhn11563-HHN last-modified Mon, 30 Nov 2020 19:58:00 GMT server cloudinary x-timer S1609320306.872131,VS0,VE5 etag "2c848784f4ff4bb935f2d84a0d566b1b" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=7776000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 4
GET H2	200	pa_backupads_lib.js Show response projectagoralibs.com/libs/ Frame 7273	4 KB 2 KB	11ms 9ms	Script application/javascript	2606:4700:e2::ac40:8f06 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/pa_backupads_lib.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8f06 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4583 x-amz-request-id A34795DBEB95C6FF x-amz-id-2 gdp5Re7KzV6o5+wbfMLO3l5Uke2oAHJtmNUwWlOvLMw6glg0b0eqqq180erR/EhF3R74bKFho0Y= last-modified Tue, 27 Oct 2020 14:01:47 GMT server cloudflare etag W/"388809d00c3186d72408292dde1dfc83" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ype4yxtdMd79XMK2bsUONljz4XyeuvjqILKRBYB1ucf2N6E9iR5z%2Bu8RoZWvHTPuHBuK7ZfhdJCVTGuHx0c6afcJ0rDMHdDdl7xktsEONWJcKdNUik9XaQqV%2FMR7gWZgWg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-request-id 0754902adc00004a855696b000000001 cf-ray 609ab62499af4a85-FRA
GET H3-Q050	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame 7273	92 KB 32 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=12481 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 33111 x-xss-protection 0 server cafe etag 3338715496686780052 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 30 Dec 2020 09:25:05 GMT
GET H/1.1	204 No Content	/ projectagora-483829-hdb.adomik.com/	0 103 B	36ms 34ms	Image text/plain	34.255.253.25 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiODY0OGU0YTEtZWNlZS00ZWNjLWI3MDItNmVkZDdmYWIzMjllIiwiaG9zdG5hbWUiOiJsb2FkLm1ydmlyYWwuY28iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlJVQklDT04ifSx7ImJpZGRlciI6Ik9QRU5YIn1dLCJyZXNwb25zZXMiOltdLCJ3aW5uZXJzIjpbXX19XX0%3D&id=8648e4a1-ecee-4ecc-b702-6edd7fab329e&part=0&on=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.255.253.25 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-253-25.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection keep-alive Date Wed, 30 Dec 2020 09:25:05 GMT Server nginx
GET H2	200	f539211219b796ffbb49949997c764f0.png cdn.taboola.com/libtrc/static/thumbnails/ Frame 24E7	254 B 326 B	22ms 22ms	Image image/png	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC via 1.1 varnish etag "dfa7b52c86e56bd67fa4002f6ed19854" age 19685 x-cache HIT x-amz-replication-status COMPLETED content-length 254 x-amz-id-2 Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4= x-served-by cache-fra19136-FRA last-modified Wed, 24 Jun 2015 07:14:11 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567 x-timer S1609320305.390099,VS0,VE0 date Wed, 30 Dec 2020 09:25:05 GMT x-amz-request-id F6D91014AAA6CDC4 cache-control private,max-age=31536000 accept-ranges bytes content-type image/png abp 31 x-cache-hits 12936
GET H3-Q050	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 7273	234 KB 87 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 89527 x-xss-protection 0 server cafe etag 1810063338415286733 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 30 Dec 2020 09:25:05 GMT
GET H3-Q050	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame D02F	0 0	7ms 6ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20201203/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUl9dRtpVtRDcSHMOM8iLqRw2bhbjYijDMuXghanS9GkgN1bIwZyY7cNEZTS Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 29 Dec 2020 10:01:15 GMT expires Tue, 12 Jan 2021 10:01:15 GMT content-type text/html; charset=UTF-8 etag 10723747146953794269 x-content-type-options nosniff content-encoding gzip server cafe content-length 4923 x-xss-protection 0 age 84230 cache-control public, max-age=1209600 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame 7273	12 B 458 B	73ms 44ms	Script text/javascript	172.217.21.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=load.mrviral.co&callback=_gfp_s_&client=ca-pub-2500372977609723&cookie=ID%3D2f7dfa453b7bbac1-227439f677b900d3%3AT%3D1609320304%3ART%3D1609320304%3AS%3DALNI_MZs36r5fpEvqJuBYG7xpMEcpqaIAw Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.21.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s13-in-f226.1e100.net Software cafe / Resource Hash daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32 x-xss-protection 0
GET H3-Q050	200	integrator.js Show response adservice.google.de/adsid/ Frame 7273	109 B 781 B	42ms 28ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=load.mrviral.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H3-Q050	200	integrator.js Show response adservice.google.com/adsid/ Frame 7273	109 B 781 B	44ms 30ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=load.mrviral.co Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H3-Q050	200	ads googleads.g.doubleclick.net/pagead/ Frame 5387	0 0	414ms 413ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2500372977609723&output=html&h=250&slotname=PA_GR_OptimaNetwork%2Fmrviral.co%2F20428196_mrviral.co_ros_300x250&adk=1519538317&adf=287865386&pi=t.ma~as.PA_GR_OptimaNetwork_&w=300&url=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609320305396&bpp=4&bdt=73&idt=47&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D2f7dfa453b7bbac1-227439f677b900d3%3AT%3D1609320304%3ART%3D1609320304%3AS%3DALNI_MZs36r5fpEvqJuBYG7xpMEcpqaIAw&correlator=1193438672790&frm=23&ife=1&pv=1&ga_vid=486271191.1609320304&ga_sid=1609320305&ga_hid=108277733&ga_fc=1&nhd=1&u_tz=60&u_his=11&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=24&biw=1600&bih=1200&isw=300&ish=250&ifk=1728355919&scr_x=0&scr_y=0&eid=21068768%2C21068986&oid=3&pvsid=1991421236178659&pem=499&ref=https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lz01trekesmk&fsb=1&dtd=53 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-2500372977609723&output=html&h=250&slotname=PA_GR_OptimaNetwork%2Fmrviral.co%2F20428196_mrviral.co_ros_300x250&adk=1519538317&adf=287865386&pi=t.ma~as.PA_GR_OptimaNetwork_&w=300&url=https%3A%2F%2Fload.mrviral.co%2Fv2%2Fv2%2Fworst-diet-mistakes-1.html&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609320305396&bpp=4&bdt=73&idt=47&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D2f7dfa453b7bbac1-227439f677b900d3%3AT%3D1609320304%3ART%3D1609320304%3AS%3DALNI_MZs36r5fpEvqJuBYG7xpMEcpqaIAw&correlator=1193438672790&frm=23&ife=1&pv=1&ga_vid=486271191.1609320304&ga_sid=1609320305&ga_hid=108277733&ga_fc=1&nhd=1&u_tz=60&u_his=11&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=24&biw=1600&bih=1200&isw=300&ish=250&ifk=1728355919&scr_x=0&scr_y=0&eid=21068768%2C21068986&oid=3&pvsid=1991421236178659&pem=499&ref=https%3A%2F%2Ftrk9.nundori.xyz%2Fl%2F26997435f4616f161c90%3Fsub%3D1609320303106189-ZVQQbg-9135-12684%26source%3De3B1YmlkfQ%253D%253D_7497_9135%26url%3Dhttps%253A%252F%252Ftiktok-labs.com%252Fgw.php%253Fcampaign_id%253D15_b_384142_b_122223_b_DE%26vId%3Dbmconv_20201230102503_2bf023db_228c_4a9b_bc07_542e4943736e%26hash%3D26997435f4616f161c90%26ete%3Dtrue&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lz01trekesmk&fsb=1&dtd=53 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUl9dRtpVtRDcSHMOM8iLqRw2bhbjYijDMuXghanS9GkgN1bIwZyY7cNEZTS Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 30 Dec 2020 09:25:05 GMT server cafe content-length 17953 x-xss-protection 0 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 7273	74 KB 28 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1607690616793149" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28334 x-xss-protection 0 expires Wed, 30 Dec 2020 09:25:05 GMT
GET H2	200	33055d9ec07f8373445976ea0aeea9b5.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 4BA1	11 KB 12 KB	22ms 22ms	Image image/jpeg	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/33055d9ec07f8373445976ea0aeea9b5.jpg Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 68e1992041dbb926e2ae311cc0a8e64d108dc2a128dc0429b84be784f01b7e4a Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 3486280 edge-cache-tag 369291807495640604778561702959407628839,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70 expiration expiry-date="Sun, 20 Dec 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/33055d9ec07f8373445976ea0aeea9b5.jpg content-length 11591 x-served-by cache-dca17756-DCA, cache-dca17752-DCA, cache-hhn11563-HHN last-modified Thu, 19 Nov 2020 11:34:13 GMT server cloudinary x-timer S1609320306.955337,VS0,VE0 etag "00c9119dffcd4185eca2b4df560c8a13" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=7776000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 2
GET H2	200	c98a8254d637665e0c2e0f343135de11.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 24E7	11 KB 12 KB	26ms 25ms	Image image/jpeg	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c98a8254d637665e0c2e0f343135de11.png Requested by Host: load.mrviral.co URL: https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cloudinary / Resource Hash 7d13ae6b9c70c2ad6db5d180443fb6da82fc6c17958a0e79b3549e774b9caed3 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 30 Dec 2020 09:25:05 GMT via 1.1 varnish, 1.1 varnish, 1.1 varnish age 2494871 edge-cache-tag 390488622230599119048482131454963415469,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c98a8254d637665e0c2e0f343135de11.png content-length 11682 x-request-id 12c3abe9248a720c7179f7bc443169d4 x-served-by cache-dca17760-DCA, cache-dca17755-DCA, cache-hhn11563-HHN last-modified Mon, 30 Nov 2020 19:58:00 GMT server cloudinary x-timer S1609320306.978464,VS0,VE0 etag "2c848784f4ff4bb935f2d84a0d566b1b" content-type image/jpeg access-control-allow-origin * cache-control public, max-age=7776000 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 5
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7273	8 KB 7 KB	45ms 31ms	XHR application/json	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b983fbb3897022cfccc8d2ae67ec4b06e8791bcbd86eeca958a1008d9eb35d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Wed, 30 Dec 2020 09:25:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6562 x-xss-protection 0
GET H3-Q050	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7273	16 KB 6 KB	42ms 28ms	Script text/javascript	2a00:1450:4001:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 30 Dec 2020 09:25:06 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1603823857801521" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6015 x-xss-protection 0 expires Wed, 30 Dec 2020 09:25:06 GMT
GET H3-Q050	200	runner.html tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3ADF	0 0	6ms 6ms	Document text/html	2a00:1450:4001:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/219/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4867 date Wed, 30 Dec 2020 08:35:48 GMT expires Thu, 30 Dec 2021 08:35:48 GMT last-modified Mon, 05 Oct 2020 22:33:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2958 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	204	bulk Show response trc.taboola.com/mrviral300x250gr-r20428196/log/3/ Frame 4BA1	0 424 B	31ms 31ms	XHR image/gif	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/mrviral300x250gr-r20428196/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1 Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-vcl-time-ms 9 pragma no-cache date Wed, 30 Dec 2020 09:25:06 GMT via 1.1 varnish server nginx x-timer S1609320306.309674,VS0,VE9 x-served-by cache-hhn11563-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://load.mrviral.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
POST H2	204	bulk Show response trc.taboola.com/mrviral300x250gr-r20428196/log/3/ Frame 24E7	0 57 B	32ms 32ms	XHR image/gif	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/mrviral300x250gr-r20428196/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1 Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20201229-13-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-vcl-time-ms 9 pragma no-cache date Wed, 30 Dec 2020 09:25:06 GMT via 1.1 varnish server nginx x-timer S1609320306.361682,VS0,VE9 x-served-by cache-hhn11563-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://load.mrviral.co cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7273	0 144 B	15ms 15ms	Image image/gif	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=1991421236178659&bg=!9_Sl9NTNAAXKjztBylhPw20SzsBXOQIAAABgUgAAABBoAQcKAVxAr7uTzr6gKHI3VCyD9iahGbDis9m-blSkLDosZQb8ZeinyywytpeUeyvni67lhuZ38Pc699CWVNBqC7SHMDFQoYvgGkkLElWPWYpdxYAZzUKyy7aotYvagQfp7uMrW9ZqL2MVvi75kVGRhCa3Srejiwx0ewkr8cyJ-4B6K2p4oWvlVD7ACvqYuu_d9jvfdGGyeG6qSn_kp4b4bQnI57Y4eiV7oNGQF4oE96IwsI4KOjDt8uu9Z3FhOMZEP135mhM5wlb7LY8OIR1SSIgC-L0riQgUSH4ERTVa_gKa15I62vIPKayB7oOf-FX278wM457k4osX2Cr3-DVWLSOZEQesqoGLHwSQ2vk3TqBOfwsieNkk4aGFH_M1qsZvPNzraz90rVAqfn5MGH5eTVPdVBu0CktuPVEdaUb9e1SeMo9CpY86Zqynf_6IIZ3dajdHWEpZcAc-XbkdDtsEfT2ZAdHu6gnVA5GyiF4ynDdmbcYSEDUMkKyYzW9T9YY6B3_FbOU1yRI5Q_9dNvPiaqvVfK6WP6h8tp8Sww-YAqFdD8Dnkyjc65bVeoYKAbmGbmsjjTEFcEdaK6j_6krBj3frkeAu-vDtG4xHEKm-Qs_MAb0u06XlICSKqHoB429gjHdshJtelOqlW8H1_kDLyks-v2d1CGBeIZoWwufwbrsASh2HiRm2LesnTR0uB5nY4ZNn7kU5SpzmMg2bc7amBPolgZQkTUf1CGWLVDMnHXk0kcCAZN-hoUfDCCNpZDrcs8KwiYKYHl8rDe9DRu6nopdh8RJT5vkPI-DMQ7dhjSpJGk7J2EsO8tQWOBuasTiSwZDAuzFHVwChEKu0ISLPcSOT1pod8tLVm4t860__Ttcq2kJferc8SbEz4tGXV-qsqsrNl5xGqSmToORKyP-e2NGKAqB0uhtAE5-c-g_Nmddt3nGVOYEdAeQqX7SGoGeieym6im-jCa_A23Brn8tFJucfBUw2kjsh40KoDU3_yX9NFLdfHND-NmzdstmIBLeyWoQWMfXn3cXt1JCcbBSjxRhIrYxlaw5T-WXaOaTBN7ZYS1O2BIU6yOWAOEV2FpvIz62V6bs Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJubmy_o-reSYNEjCHaPbu4&google_cver=1	43 B 114 B	23ms 21ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJubmy_o-reSYNEjCHaPbu4&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 , United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.199.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://load.mrviral.co/v2/v2/worst-diet-mistakes-1.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Wed, 30 Dec 2020 09:25:07 GMT via 1.1 google server OXGW/16.199.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 30 Dec 2020 09:25:07 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJubmy_o-reSYNEjCHaPbu4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

id5-sync.com

URL

https://id5-sync.com/c/464/146/1/7.gif?puid=d403cea4-8aae-4016-ad6d-4dc542edcf09&gdpr=1&gdpr_consent=

Domain

id5-sync.com

URL

https://id5-sync.com/c/464/441/0/8.gif?puid=e_03da0e45-d618-43d8-92a1-3ae3b95e2da2&gdpr=1&gdpr_consent=