dfiles.eu Open in urlscan Pro
94.242.227.155  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://depositfiles.org/files/xsvb507vm HTTP 302
   https://depositfiles.org/files/xsvb507vm HTTP 302
   https://dfiles.eu/files/xsvb507vm Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://adsbb.dfiles.eu//ad.php?z=56&c=FR HTTP 303
• https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

Request Chain 23

• https://adsbb.dfiles.eu//ad.php?z=58&c=FR&g=gateway HTTP 303
• https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752

Request Chain 107

• https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
• https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ZWbRjZXwF7k&ev=1&orig=trc&pid=562107

Request Chain 109

• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
• https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENWTc2jUPXidFwosbmHGJ58&google_cver=1

Request Chain 111

• https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&google_tc=

Request Chain 112

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
• https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1ec5f14b-fbe8-4c3f-92b4-fa76ae3b082f

Request Chain 113

• https://ce.lijit.com/merge?pid=42&3pid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=42&3pid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 117

• https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
• https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d5ebf754-3291-4803-b86a-6acf7a1083a7

Request Chain 118

• https://id5-sync.com/s/464/9.gif?puid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/464/464/7/1.gif?puid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/108/6/2.gif?puid=037e6341-909c-48a4-8934-e44f3d48d1c9&gdpr=1&gdpr_consent= HTTP 302
• https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMObOkOFTcTi3V5Sj_PFBD2pgpbVJJGtOvsItCvqQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMObOkOFTcTi3V5Sj_PFBD2pgpbVJJGtOvsItCvqQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/cq/464/124/5/3.gif?puid=7ad4b61b-4d47-4a10-bbe7-9c213b60aa6f&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
• https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/464/441/4/4.gif?puid=e_21b20e9a-fe96-4273-8edf-98a09e4ec2af&gdpr=1&gdpr_consent= HTTP 302
• https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
• https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
• https://id5-sync.com/c/464/9/3/5.gif?puid=GwfWTBwIMfL_i9wFLtGOFHfut8Yvvw-g5anXg0CHWBk&gdpr=1&gdpr_consent= HTTP 302
• https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
• https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
• https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
• https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEHRPWIDYmXUnW-qpczYJnOE&google_cver=1 HTTP 303
• https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEHRPWIDYmXUnW-qpczYJnOE&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
• https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4583384604084776194&opid=apx&ops=&utidl=tech:goo:CAESEHRPWIDYmXUnW-qpczYJnOE&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
• https://id5-sync.com/qp/18.gif?puid=vec%3A18973895730&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=

Request Chain 119

• https://s.c.appier.net/taboola HTTP 302
• https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p51MG1CuCvKP9nhq2ErvYA

Request Chain 121

• https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
• https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
• https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
• https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=30959869-9efa-4d7f-8675-a1707bd86fc4&ssp=taboola HTTP 302
• https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ccb6e9cd-d7ea-4811-b2d4-50d939bdd8ee

Request Chain 122

• https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
• https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a467fc42-6d1f-4c29-9d39-8f72277cf2b5 HTTP 302
• https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a467fc42-6d1f-4c29-9d39-8f72277cf2b5&tbid=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&query=taboola_hm%3Da467fc42-6d1f-4c29-9d39-8f72277cf2b5&isDirect=0

Request Chain 124

• https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=660785ab-7940-52c3-896b-9a03e984d0db

Request Chain 126

• https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=set-RK7ORG2HMq-c35NheQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3Dd458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055%26ui%3Dset-RK7ORG2HMq-c35NheQ HTTP 302
• https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&ui=set-RK7ORG2HMq-c35NheQ

Request Chain 127

• https://eb2.3lift.com/xuid?mid=7772&xuid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&dongle=tbla HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

Request Chain 131

• https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUY1NjNGRjctNzlCMC00MTZELUIwN0UtRjNBREVFNEYyNjE5&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 132

• https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP9l_W1mBWZpgGqPy7wbPo&google_cver=1

Request Chain 134

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set xsvb507vm Show response dfiles.eu/files/ Redirect Chain http://depositfiles.org/files/xsvb507vm https://depositfiles.org/files/xsvb507vm https://dfiles.eu/files/xsvb507vm	20 KB 7 KB	425ms 327ms	Document text/html	94.242.227.155 ROOT
General Check archive.org Show headers Download Go to Full URL https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.155 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-227-155.server.lu Software nginx / Resource Hash 6d7e23dd2d5e08463463bb7c6ec061f14fbdab159c50d21c2683c665f9316afe Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Host dfiles.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx Date Wed, 14 Jul 2021 20:36:35 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Set-Cookie uprand=a839defe77b9b9cbec93f597a6c57f82; path=/; domain=.dfiles.eu last_file=xsvb507vm; path=/; domain=.dfiles.eu lang_current=en; expires=Thu, 14-Jul-2022 20:36:35 GMT; Max-Age=31536000; path=/; domain=.dfiles.eu Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-Frame-Options SAMEORIGIN Content-Encoding gzip Redirect headers Server nginx Date Wed, 14 Jul 2021 20:36:35 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Location //dfiles.eu/files/xsvb507vm
GET H/1.1	200 OK	main.css static.depositfiles.com/css/	190 KB 46 KB	167ms 57ms	Stylesheet text/css	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/css/main.css Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 50d446eade67c33dc4dba74f2f2b7480b5021de5a98bfedc1f10ce5c35d966f3 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 16:16:12 GMT Server nginx ETag W/"606b37cc-2f719" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=300 Connection keep-alive Expires Wed, 14 Jul 2021 20:41:35 GMT
GET H/1.1	200 OK	base2.js Show response static.depositfiles.com/js/	390 KB 390 KB	178ms 68ms	Script application/javascript	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/base2.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash d29ab86f64b4fcfbc45b9ef806c147f1e42e37e37d44a559147232288063badc Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Mon, 01 Apr 2019 16:12:07 GMT Server nginx ETag "5ca23857-6164f" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 398927 Expires Wed, 14 Jul 2021 20:41:35 GMT
GET H/1.1	200 OK	jquery.validate.js Show response static.depositfiles.com/js/	37 KB 38 KB	179ms 69ms	Script application/javascript	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/jquery.validate.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 95434a8a2568a6481a1fbcf5808a75dd58e77348ed6d70b4f7aeda8842e8f0c7 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:44 GMT Server nginx ETag "5a05b454-957d" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 38269 Expires Wed, 14 Jul 2021 20:41:35 GMT
GET H/1.1	200 OK	function.js Show response static.depositfiles.com/js/	34 KB 34 KB	186ms 74ms	Script application/javascript	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/function.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 51d26403861d61a7842bc73f518d4a4351a7027c40c9f0347f61421226950b84 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Sun, 29 Apr 2018 18:38:59 GMT Server nginx ETag "5ae61143-8863" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 34915 Expires Wed, 14 Jul 2021 20:41:35 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 702 B	15ms 14ms	Script text/javascript	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:35 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 559 x-xss-protection 1; mode=block expires Wed, 14 Jul 2021 20:36:35 GMT
GET H2	200	h.js Show response cdn.unblockia.com/	68 KB 15 KB	49ms 17ms	Script application/x-javascript	2606:4700:20::681a:686 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.unblockia.com/h.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:686 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09a06c641e92e4b8b57d85166b6a6661c664333a387cafbeff435072ef7904d2 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:35 GMT content-encoding br cf-cache-status HIT last-modified Wed, 14 Jul 2021 14:50:11 GMT server cloudflare age 6381 etag W/"3ede2aed05946e6c0e24ec83d17d17e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B5M8Ymou4%2BcZrzkp18L0XBCrSQSjNDiHbQvK%2FlU2GN4RgZS8pi35f8huHbLdnjdXjcZbE1HzkoPHMHvZQ17rxeYhauF1gnD92SrRH7q4hz5S0Emp7mF3ed9FMU0P%2B4DutOYJxrwMs0gEw9VLqsy"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript nel {"report_to":"cf-nel","max_age":604800} cf-ray 66ed8b4bbcbfbf23-FRA x-amz-request-id WKAHEMTKHX6PM18N x-amz-id-2 Tl+4ACw0FUro/AVtzbXLbVWvdhpHmcANklOgXQ8Wwt5dEs30+GfGE+AV69RlZDn6KsMFpbB+3GA=
GET H2	403	224ad4a14b4b15c1726ff705ec672ea6.js distinctleftmargaret.com/22/4a/d4/	0 0	318ms 104ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://distinctleftmargaret.com/22/4a/d4/224ad4a14b4b15c1726ff705ec672ea6.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Wed, 14 Jul 2021 20:36:35 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	download_utils.js Show response static.depositfiles.com/js/	13 KB 13 KB	178ms 61ms	Script application/javascript	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/download_utils.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 16f1515b9938fc7de086c504fe214484d97e237647a5d7fa2cb742a93f00c1ea Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Mon, 05 Nov 2018 20:56:05 GMT Server nginx ETag "5be0ae65-3447" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 13383 Expires Wed, 14 Jul 2021 20:41:35 GMT
GET H/1.1	200 OK	gold_offer.js Show response static.depositfiles.com/js/	10 KB 10 KB	176ms 59ms	Script application/javascript	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Full URL https://static.depositfiles.com/js/gold_offer.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash a86d8d81e5c254822628c578c40d2d62956ab3060632d1884b5080093365b97b Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:43 GMT Server nginx ETag "5a05b453-269f" Content-Type application/javascript Cache-Control max-age=300 Connection keep-alive Accept-Ranges bytes Content-Length 9887 Expires Wed, 14 Jul 2021 20:41:35 GMT
GET H/1.1	200 OK	speed_small_gold.gif static.depositfiles.com/images/	14 KB 14 KB	36ms 36ms	Image image/gif	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/speed_small_gold.gif Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 13678b229b6c4224bcb9578a2f29bc3686958f4bea73af7645eb39af4246e6a9 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:44 GMT Server nginx ETag "5a05b454-389c" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 14492 Expires Mon, 19 Jul 2021 20:36:35 GMT
GET H/1.1	200 OK	speed_small.gif static.depositfiles.com/images/	23 KB 24 KB	42ms 41ms	Image image/gif	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/speed_small.gif Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 01edcbb65e514def555b1e999d3a72f118f67e572f628293b91893b3758c6991 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:42 GMT Server nginx ETag "5a05b452-5dac" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 23980 Expires Mon, 19 Jul 2021 20:36:35 GMT
GET H/1.1	200 OK	no.png static.depositfiles.com/images/	3 KB 3 KB	36ms 35ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/no.png Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 9b95b8f24b2b0808d611f4fd9bf5f3c548b352ae6100ab7b298b99a86905db79 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:44 GMT Server nginx ETag "5a05b454-c4a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3146
GET H/1.1	200 OK	yes.png static.depositfiles.com/images/	3 KB 3 KB	36ms 36ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/yes.png Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash b325d6cb153b02050e59230e2abfb01e05f4bda708ad54bd8f6d9693fa9c2dac Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:43 GMT Server nginx ETag "5a05b453-ccb" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3275
GET H2	200	main.js Show response pw.wpu.sh/script/	75 KB 25 KB	89ms 27ms	Script application/javascript	213.174.135.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pw.wpu.sh/script/main.js?promo=22321&tcid=411&src=1926257466 Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / Resource Hash 054bde4e1d273cd088678aeff7956ce65f606431632cfc2196020b1160fb9998 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:35 GMT content-encoding gzip server nginx/1.16.1 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Jul 2021 21:36:35 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H/1.1	200 OK	logo.png static.depositfiles.com/images/	4 KB 4 KB	39ms 39ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/logo.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 7f89eb8ab03684f4db282ca30eb231b1e254bca10c7b511950df5e0eab0a68a0 Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:44 GMT Server nginx ETag "5a05b454-e27" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3623
GET H/1.1	200 OK	sprite.png static.depositfiles.com/images/	36 KB 36 KB	59ms 59ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/sprite.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash b287134a60667ce8e2c3fa1603e3a8f2ffa59c64e746d026d1a13ef19f3f38a0 Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:43 GMT Server nginx ETag "5a05b453-8fc2" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 36802
GET H/1.1	200 OK	member_menu_bg.gif static.depositfiles.com/images/	78 B 378 B	54ms 35ms	Image image/gif	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/member_menu_bg.gif Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 6f57f29224d8e9e51ed0839e329055426fba7dcd97ef31e93ed495f93a6063df Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:43 GMT Server nginx ETag "5a05b453-4e" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 78 Expires Mon, 19 Jul 2021 20:36:35 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/	341 KB 133 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://dfiles.eu Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 17:14:29 GMT content-encoding gzip x-content-type-options nosniff age 12126 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135961 x-xss-protection 0 last-modified Mon, 28 Jun 2021 04:05:04 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 17:14:29 GMT
GET H/1.1	200 OK	sprite64.png static.depositfiles.com/images/	28 KB 28 KB	40ms 39ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/sprite64.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash a9ed59ab3bbcfdf66224664aeb14fa0f0e8f034d8472a58dadcf65cfff17685d Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:43 GMT Server nginx ETag "5a05b453-704b" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 28747
GET H/1.1	200 OK	upload_btn_bg.gif static.depositfiles.com/images/	9 KB 9 KB	39ms 39ms	Image image/gif	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/upload_btn_bg.gif Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash c667d75c7f916bf8b140b0e1f7ab0c996f76d4642faed85bd9fef3c738f0912b Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:44 GMT Server nginx ETag "5a05b454-2332" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 9010 Expires Mon, 19 Jul 2021 20:36:35 GMT
GET H/1.1	200 OK	lang24.png static.depositfiles.com/images/flags/	9 KB 9 KB	40ms 38ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/flags/lang24.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash ce23be242e34c5b420f8ba0390aef20fa50ffc69f700091029616eff524e8f9b Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Thu, 14 May 2020 09:52:24 GMT Server nginx ETag "5ebd14d8-23d4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 9172
GET H/1.1	200 OK	sprite16.png static.depositfiles.com/images/	28 KB 28 KB	39ms 38ms	Image image/png	94.242.236.114 ROOT
General Check archive.org Show headers Download Go to Show image Full URL https://static.depositfiles.com/images/sprite16.png Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.236.114 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS ip-static-94-242-236-114.server.lu Software nginx / Resource Hash 604187f8828381a47ae70249f55f21c78c53ab1401d20a5f2230a0d6c9ae50d1 Request headers Referer https://static.depositfiles.com/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Jul 2021 20:36:35 GMT Last-Modified Fri, 10 Nov 2017 14:14:43 GMT Server nginx ETag "5a05b453-6f55" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 28501
GET H/1.1	200 OK	ad27352941d759d0.htm Show response adsbb.dfiles.eu/upload/2005/ Frame 6C52 Redirect Chain https://adsbb.dfiles.eu//ad.php?z=56&c=FR https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	1 KB 905 B	128ms 58ms	Document text/html	94.242.227.163 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/js/base2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.163 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS Software nginx / Resource Hash fdff89ea3ea81b2daf48dac9dac4e4d7be175b526a0072c6a4a333a8f0aa923e Request headers Host adsbb.dfiles.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://dfiles.eu/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie uprand=a839defe77b9b9cbec93f597a6c57f82; last_file=xsvb507vm; lang_current=en; _nf56=1; _nf58=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer about:blank Response headers Server nginx Date Wed, 14 Jul 2021 20:36:36 GMT Content-Type text/html Transfer-Encoding chunked Connection close Last-Modified Wed, 14 Jul 2021 20:35:01 GMT Content-Encoding gzip Redirect headers Server nginx Date Wed, 14 Jul 2021 20:36:36 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Powered-By PHP/5.6.30-0+deb8u1 Set-Cookie _nf56=1; expires=Thu, 15-Jul-2021 20:36:35 GMT; Max-Age=86400 Location /upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
GET H/1.1	200 OK	ad274029466c5257.htm Show response adsbb.dfiles.eu/upload/2006/ Frame DB84 Redirect Chain https://adsbb.dfiles.eu//ad.php?z=58&c=FR&g=gateway https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752	2 KB 1 KB	138ms 61ms	Document text/html	94.242.227.163 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Requested by Host: static.depositfiles.com URL: https://static.depositfiles.com/js/base2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.163 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS Software nginx / Resource Hash 02564222a1da7dde8a1d4b06f0642caa44a56d2e4d168371c9bc5056a4037a0a Request headers Host adsbb.dfiles.eu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://dfiles.eu/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie uprand=a839defe77b9b9cbec93f597a6c57f82; last_file=xsvb507vm; lang_current=en; _nf56=1; _nf58=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer about:blank Response headers Server nginx Date Wed, 14 Jul 2021 20:36:36 GMT Content-Type text/html Transfer-Encoding chunked Connection close Last-Modified Wed, 14 Jul 2021 20:35:01 GMT Content-Encoding gzip Redirect headers Server nginx Date Wed, 14 Jul 2021 20:36:36 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close X-Powered-By PHP/5.6.30-0+deb8u1 Set-Cookie _nf58=1; expires=Thu, 15-Jul-2021 20:36:35 GMT; Max-Age=86400 Location /upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752
GET H2	200	npush.js Show response js.wpushsdk.com/npc/sdk/wpu/	90 KB 30 KB	88ms 27ms	Script application/javascript	213.174.135.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/npc/sdk/wpu/npush.js Requested by Host: pw.wpu.sh URL: https://pw.wpu.sh/script/main.js?promo=22321&tcid=411&src=1926257466 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash 8887e838598e600baf136d7fec6c850c0447553a68fa5678abcc11d2685832ae Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:35 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Jul 2021 21:36:35 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	411.php Show response vasgenerete.site/npc/anpc/	4 B 198 B	88ms 29ms	XHR text/html	213.174.135.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://vasgenerete.site/npc/anpc/411.php Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash d7793d4cf596bc12fd217b5ab3e8a9e7d0266c65c7a1154bd22cebf405ffb582 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type text/html; charset=UTF-8 access-control-allow-origin * expires Wed, 14 Jul 2021 21:36:36 GMT cache-control max-age=3600 content-length 4 x-proxy-cache HIT
GET H2	200	csub.js Show response js.wpushsdk.com/npc/sdk/wpu/	6 KB 3 KB	28ms 28ms	Script application/javascript	213.174.135.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/npc/sdk/wpu/csub.js Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash 11995232de4f3d1a0e964186801525fb5d85f20e4e47bc98338648d14520e5e4 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Jul 2021 21:36:36 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	dfiles.ru.828725.js Show response jsc.adskeeper.co.uk/d/f/ Frame 6C52	277 KB 74 KB	93ms 46ms	Script text/javascript	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f99af8f4dbf3f0b896f7c399c5572af757cec7a9ce790b7f4efc79b8cf16abfe Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT age 1875 cf-polished origSize=283167 last-modified Wed, 14 Jul 2021 11:47:16 GMT alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-amz-request-id G7HY2C0FH52E3TQ5 x-amz-id-2 rkbXHY03y6TsFIyjo2CSyyjaRAsMdLPUUt2jjnm2peUF0ctHzwlmH9jXygua5+1WZGz4Oc0TNCg= cf-bgj minify server cloudflare etag W/"739886ab9b8abf4f0294eaee93349a94" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=14400 cf-ray 66ed8b4e690468f4-CDG expires Thu, 15 Jul 2021 00:36:36 GMT
GET H/1.1	200 OK	jquery-1.5.1.min.js Show response adsbb.dfiles.eu/static/js/ Frame 6C52	83 KB 84 KB	133ms 59ms	Script application/javascript	94.242.227.163 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.163 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS Software nginx / Resource Hash 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Request headers Referer https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:36 GMT Server nginx Content-Type application/javascript Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 85260 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	jquery-1.5.1.min.js Show response adsbb.dfiles.eu/static/js/ Frame DB84	83 KB 84 KB	129ms 58ms	Script application/javascript	94.242.227.163 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.163 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS Software nginx / Resource Hash 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b Request headers Referer https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:36 GMT Server nginx Content-Type application/javascript Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 85260 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	t.js Show response adpatrof.com/ Frame DB84	17 KB 17 KB	138ms 63ms	Script application/javascript	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash c25283b3e331910421272d5f08e358be1fdc00cc32f96e5a44dd90d2f5555f3f Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id 6BNEkKtmxXtqsKc3khRVjOpkUoapsb1amjqNpNGCil7C_RsHFNUTJg== x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8
GET H/1.1	200 OK	view.gif Show response adsbb.dfiles.eu/ Frame DB84	43 B 344 B	133ms 59ms	XHR image/gif	94.242.227.163 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/view.gif?c=2946&z=58&b=2740&u=60ef4a7556a9319222281348328996 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.163 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Accept */* Referer https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:36 GMT Server nginx Content-Type image/gif Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 43 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	view.gif Show response adsbb.dfiles.eu/ Frame 6C52	43 B 344 B	139ms 61ms	XHR image/gif	94.242.227.163 ROOT
General Check archive.org Show headers Download Go to Full URL https://adsbb.dfiles.eu/view.gif?c=2941&z=56&b=2735&u=60ef4a75ec3a49458916853792965 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/static/js/jquery-1.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.242.227.163 , Luxembourg, ASN5577 (ROOT, LU), Reverse DNS Software nginx / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Accept */* Referer https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:36 GMT Server nginx Content-Type image/gif Cache-Control no-cache, private, no-cache, no-store, must-revalidate Connection close Accept-Ranges bytes Content-Length 43 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	/ Show response c.adskeeper.co.uk/pv/ Frame 6C52	0 132 B	157ms 149ms	Script text/plain	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adskeeper.co.uk/pv/?pv=5&cbuster=162629499644499928301&uniqId=04084&childs=828731&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&pageView=1&pvid=17aa6bc4dddb5af6464&site=544656&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:36 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 66ed8b4fd9b768f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 6C52	138 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5351cc5fcd84ca5f24714cbc76e6b8f4fbf9a73fb9f7491bec0b523d073987e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	1 Show response servicer.adskeeper.co.uk/828725/ Frame 6C52	2 KB 1 KB	96ms 95ms	Script application/x-javascript	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.adskeeper.co.uk/828725/1?pv=5&cbuster=1626294996498621178076&uniqId=04084&childs=828731&niet=4g&nisd=false&w=240&h=738&cols=1&iframe=1&ref=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&cxurl=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&lu=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&pageView=1&pvid=17aa6bc4dddb5af6464&implVersion=11&dpr=1 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c22427a15049b29bf02feca13633f2ecf87f1623e4e95026ee861efadf303f1e Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/x-javascript; charset=utf-8 cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 66ed8b5029ce68f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	sync Show response adpatrof.com/ Frame 8612	9 KB 9 KB	83ms 82ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb8&cb=7902591626294996549 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash eb6d45b0177744fe6831b6acfbba4bc6c65e7906a35a29bde1c16d58a5520f2e Request headers :method GET :authority adpatrof.com :scheme https :path /sync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb8&cb=7902591626294996549 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://adsbb.dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adsbb.dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id F3GhIK2NzBefTlUIAu6EcBU9_SuKJhzvMnTSRkg3KNu5-jVADkN3Jg==
GET H2	200	async_usersync Show response adpatrof.com/ Frame 5173	9 KB 9 KB	63ms 63ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12613&cb=1825051626294996552 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /async_usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12613&cb=1825051626294996552 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id tT-FAviKm3vDZUYNc9v_HaVX7Hmu5HLungj5C2hYy0JtUmJEI8IbqA==
GET H2	200	send Show response adpatrof.com/ Frame 86A9	9 KB 9 KB	68ms 67ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5287&cb=3767691626294996554 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /send?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5287&cb=3767691626294996554 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id IWXzl4hayi521UUFitf7Ua7f7LhDxu_E-lkaGBTQrZKahxuAXBx2LA==
GET H2	200	async_usersync Show response adpatrof.com/ Frame DE3B	9 KB 9 KB	87ms 87ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d1&cb=0502501626294996556 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d1&cb=0502501626294996556 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id 2tYLkS62rwO64ykayVdKiqB_5s5JlF_ypYIkw7CgEv52oQjhE3M_tg==
GET H2	200	sync Show response adpatrof.com/ Frame 14C6	9 KB 9 KB	77ms 77ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b137&cb=8402501626294996560 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /sync?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b137&cb=8402501626294996560 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id GBUNomvB6P2snIyzShmDD_gV_ULQk6Z6tFcIWv3-tkj5xtIWpYRurg==
GET H2	200	syncro Show response adpatrof.com/ Frame D617	2 KB 1 KB	95ms 95ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/syncro?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a3&cb=1332551626294996562 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 65f3773dccbaa109200b9b555a5d00258e972afdefd913943748a096500bdb32 Request headers :method GET :authority adpatrof.com :scheme https :path /syncro?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a3&cb=1332551626294996562 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 vary Accept-Encoding date Wed, 14 Jul 2021 20:36:36 GMT content-encoding gzip x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id vIH1nsNEuWI8C83n5T-X2Py5wSReyumMUlGMJnStB3sk0vy-Y-PjYQ==
GET H2	200	user Show response adpatrof.com/ Frame AE1F	9 KB 9 KB	77ms 77ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=3599471626294996563 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /user?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=3599471626294996563 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id AZGyy1sBWc9wwuVJhUbJaQdX3Tmpf-Qj4DajVdSmXiAh2a-3ahOniA==
GET H2	200	stat Show response adpatrof.com/ Frame 6D96	9 KB 9 KB	91ms 91ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c451&cb=6729161626294996564 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /stat?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c451&cb=6729161626294996564 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id ygFzjZ-Pn9ILww_zcFZ6iteZmFElwOjge8zWjK0ywlgr8QCyvOvQ5Q==
GET H2	200	user Show response adpatrof.com/ Frame 2242	9 KB 9 KB	83ms 83ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515687&cb=5452811626294996565 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /user?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515687&cb=5452811626294996565 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id EM3Mn4iOrFTZwAZsqXfWASrf-fvesi1eQhYXixVmtIwiFY8SfUZZug==
GET H2	200	usersync Show response adpatrof.com/ Frame 87AE	2 KB 2 KB	83ms 83ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0b1bee87d6dcefc534bd612d150fe9d9c2edcc8b93b93904ceba8f670286a8ca Request headers :method GET :authority adpatrof.com :scheme https :path /usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 content-length 1663 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id PeH-b9tNnA5NvAbojZTg_br8go8tQwIxlM2di9LpDq7eBjVI499N1Q==
GET H2	200	sync Show response adpatrof.com/ Frame 2545	9 KB 9 KB	97ms 97ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec33&cb=8800571626294996569 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /sync?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec33&cb=8800571626294996569 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id 2GfiV_9b19r52UNYtxTWOse_rfnFJPy536xCb-u3UEpa7QxhO48hAA==
GET H2	200	send Show response adpatrof.com/ Frame C0FB	9 KB 9 KB	97ms 97ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc871&cb=7504931626294996570 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /send?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc871&cb=7504931626294996570 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id tPo1dIMREtE1y18pfisfkvzLs7t2QXomb-oZKW9ldEjoLk-GKz31pw==
GET H2	200	sync Show response adpatrof.com/ Frame DC2D	9 KB 9 KB	83ms 83ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560013&cb=4233721626294996571 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560013&cb=4233721626294996571 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id vDEqaXSgCk7j5hSBgG6szURP8eKqSSHlG-TE-NZGGgFkfRFx56YeRQ==
GET H2	200	stat Show response adpatrof.com/ Frame 271D	9 KB 9 KB	95ms 95ms	Document text/html	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=1024201626294996573 Requested by Host: adpatrof.com URL: https://adpatrof.com/t.js?i=luc8kp3c2wcmn47n3xzj&cb=8331391626294996406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash 0a113a6064dd1feeb264a8d907351f7da9b8f325cb5ae7b1d469355597be3b08 Request headers :method GET :authority adpatrof.com :scheme https :path /stat?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=1024201626294996573 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dfiles.eu/ accept-encoding gzip, deflate, br accept-language en-US cookie SSID=a3c7d1bd45d7d850059017aba0bef8b2858d4882 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dfiles.eu/ Response headers content-type text/html; charset=UTF-8 date Wed, 14 Jul 2021 20:36:36 GMT x-cache Miss from cloudfront via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id euBFgP6GwwGQrxf0620094RI5NTmMok1qTP5HfqQI8ua3J1oj6X3TQ==
GET H2	200	k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 fonts.gstatic.com/s/opensans/v10/ Frame 6C52	16 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://adsbb.dfiles.eu Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 12 Jul 2021 21:27:21 GMT x-content-type-options nosniff age 169755 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16224 x-xss-protection 0 last-modified Thu, 21 Aug 2014 18:08:16 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Jul 2022 21:27:21 GMT
GET H2	200	i.js Show response cm.adskeeper.co.uk/ Frame 6C52	113 B 177 B	224ms 223ms	Script application/javascript	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.co.uk/i.js?&cbuster=1626294996616523348569 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e31f9e55b1ecf41c9cc728ac8373709d8edeaea29fd439d9bb92c127b0992c8 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status MISS x-mg-request-uuid b545d9f5-a7b7-4384-a68b-4ec6e6ffa80a expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 66ed8b50ea1c68f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 server cloudflare
GET H2	200	i-noref.js Show response cm.adskeeper.co.uk/ Frame 7222	19 B 128 B	209ms 208ms	Script application/javascript	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.adskeeper.co.uk/i-noref.js?cbuster=1626294996620345996054 Requested by Host: jsc.adskeeper.co.uk URL: https://jsc.adskeeper.co.uk/d/f/dfiles.ru.828725.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status MISS x-mg-request-uuid 9541b588-8fc8-4c16-ba25-27b221650c6a expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type application/javascript cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 66ed8b50ea1e68f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp s-img.adskeeper.co.uk/g/8164912/328x328/181x0x744x744/ Frame 6C52	9 KB 10 KB	61ms 59ms	Image image/webp	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/8164912/328x328/181x0x744x744/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1626294996-lVeFxPE5IHA8RQZPPJCxDjNFJjPw1IUhwYhNJJjjbrY Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d59d021664d5ed1b12affa7a3b96d567b4a42c8f325e9233fdb5d26d1298a67 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT cf-cache-status HIT last-modified Mon, 08 Feb 2021 10:20:19 GMT x-mg-request-uuid 9b7c2f98-4fc4-4d2c-af6a-78c35d080306 age 7141244 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 66ed8b50ea2368f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 9718 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMTQvMTAxOTI0LzcwYzliNzA5ODI5ZWMxMmYwZDNmYzY2NzRlMWU3ZTE4LmpwZz90PTE0ODk1Mjc0NDIwOTk.webp s-img.adskeeper.co.uk/g/8193527/328x328/82x0x328x328/ Frame 6C52	7 KB 8 KB	51ms 49ms	Image image/webp	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/8193527/328x328/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMTQvMTAxOTI0LzcwYzliNzA5ODI5ZWMxMmYwZDNmYzY2NzRlMWU3ZTE4LmpwZz90PTE0ODk1Mjc0NDIwOTk.webp?v=1626294996-khncU_CCUEj8ZK6LCg5CQ77_sjBnHNp835qLQmSDMwc Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e05fffd893386d92a29d024f6f944b8294c3d5f648534b669e61ff6e0dc6380 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT cf-cache-status HIT last-modified Wed, 10 Feb 2021 07:16:44 GMT x-mg-request-uuid ea6e6df8-b3b7-4ddd-8cdf-a88571a748f1 age 7140264 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 66ed8b50fa2668f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 7572 server cloudflare
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp s-img.adskeeper.co.uk/g/8193537/328x328/0x90x510x510/ Frame 6C52	33 KB 33 KB	47ms 46ms	Image image/webp	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.adskeeper.co.uk/g/8193537/328x328/0x90x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1626294996-HdBu3ToEikSYXm_PUf06XiPX0BE6uVyoe21HkBCD7JE Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2df8e6695572ee4b38a0f5e2e4b6d2cd02fa29a0aebdeb6faf8cf252bd094e15 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT cf-cache-status HIT last-modified Wed, 10 Feb 2021 07:16:06 GMT x-mg-request-uuid ea42a7f1-5ad0-42e5-8dbf-3535ca658ad0 age 7140484 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 66ed8b50ea1f68f4-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 33802 server cloudflare
GET H2	200	int_exchange_wages_ad.svg cdn.adskeeper.co.uk/images/adskeeper/ Frame 6C52	1 KB 775 B	60ms 57ms	Image image/svg+xml	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adskeeper.co.uk/images/adskeeper/int_exchange_wages_ad.svg Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 096a4bb9d7f8588a8520d57f103bdf0dae273af88fc0265371124c048bff7b05 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT age 5765 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-amz-request-id DXBBERYX6ZZN006T x-amz-id-2 szIviYYhk/CBrDIabAediiv+PRUAK8AhiMVgUMOccoPTGQ5Cbvm1UwD1B0EpiOSRAW+Xr2BJ/gc= last-modified Mon, 04 May 2020 12:16:42 GMT server cloudflare etag W/"37346cd2daeeec771e8ffe3a34ef43ea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 66ed8b50fa2768f4-CDG expires Thu, 15 Jul 2021 00:36:36 GMT
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 5173	302 KB 88 KB	55ms 27ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=785004b5f802e037d6f7b54b2cdb12613&cb=1825051626294996552 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Z%2F0iz8O2sx8C85eniUlpCcVK2kIwItRhXw08JK5t1ZZMV28Q5DxWt9nI%2FUCkHXe0R0kBXQnnwTBrth%2FI5ljCvTwcFo3IuurjHJK6IZ6NqeHGEO5A%2FBbvG1RK0Djdzp3qlAoPfj7%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5118662bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 86A9	302 KB 88 KB	57ms 34ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=a9c7a529e5b650b5788136bfa844a5287&cb=3767691626294996554 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=khP00P8fj0uNavB3i%2B0GkHKDjtl2O4ndlt%2BVMD4N5gmUmf5ajcWbpOlkDGEd7gauCXfRg5XFN5iI%2B39kB%2FgYL4m8qE9oa90TvTejUfXF62Vuvy8XUVlbSb8WNxWFGzwIugl%2BydiN"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5118692bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 8612	302 KB 88 KB	54ms 39ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=3529dc43310647a6be1f44cbc6bfadeb8&cb=7902591626294996549 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8mvOU45kK0lV6B%2BET0dmwwfE0dHziA%2FKeb277dPNb3DiTc8ZwcB5n2Igg9RCaK%2BTICfRUc2ZWzyMluvgFcogIQ0cjEuL%2BVD6WyyPLwIBT9oYLYBz9sZw4UqelzUnLhHBh6J5WXRB"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b51186c2bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 14C6	302 KB 88 KB	41ms 34ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=beed3467d583ef6b23a17b2869140b137&cb=8402501626294996560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hdueCn%2FZaeA7581vx6LpchMI1bI2iEld1u0StQB8XC%2Bd9pbSfL8a6LaGHF8lPgD6zH8FjkRlaj89b7dkZRMO%2FhYnUH9zkfovhI7Q5KlbFxjjGQRNyClUwbB4sVLFt5JUmLilZrQN"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b51186a2bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame AE1F	302 KB 88 KB	29ms 29ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=300d3726af8e3134777cec4649cae0143&cb=3599471626294996563 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xSqSHRHBJIh%2FOIcgh0GU%2FyRjtHMhuotrE2PxJXFKXSy3iyQIOBjyDc9XN3kHOWTnPOL6D8LVOClFOMXbrOXe1NfykMb2HpjOmOTXM2%2B9SvdlTTi8ZnY38%2BR0OpR2A6KVHT2RkEc4"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5128852bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame DE3B	302 KB 88 KB	35ms 34ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/async_usersync?i=luc8kp3c2wcmn47n3xzj&a=a0263fa3a4f61542225ac0b6b8c02d8d1&cb=0502501626294996556 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FuoqET7jlTI3ZCMGVTHGLi20yIaod9l4nVq6kY9jNUf2aWVyOcRnvLsTM2j61NKXXvj2i20l%2BeXYQ98qZlBYLE684dxtFZiZwUKbosKpcZaQ5kts3obyDkpnK3Vsz%2FRCyl9wGkn2"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5138902bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 2242	302 KB 88 KB	33ms 33ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/user?i=luc8kp3c2wcmn47n3xzj&a=57bc4dedf314665eb4f012448f0515687&cb=5452811626294996565 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fKKid3lC%2B09C4sYVjqJUm98ryeCyZze6fT2uwGJD5%2FiAGY94n7gKEjYhy2BmU%2FlYC1PKKAY7wlEldPXws621M%2BRR49PfKUdQ59TkwIII95YYKYGGp7ZQ3V01XbKapvXgYqPmcR4F"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5138a12bdd-FRA
GET H2	200	pxl.jpg adpatrof.com/ Frame DB84	597 B 832 B	53ms 52ms	Image image/jpeg	143.204.98.21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adpatrof.com/pxl.jpg?i=luc8kp3c2wcmn47n3xzj&s=782&p=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm&rstk=https%3A%2F%2Fdfiles.eu%2Ffiles%2Fxsvb507vm%24https%3A%2F%2Fadsbb.dfiles.eu%2Fupload%2F2006%2Fad274029466c5257.htm%3Fcanp%3Dadv_73b411c406ca38ecadcf742fe6ade752&h=8525641626294996686 Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2006/ad274029466c5257.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-21.fra50.r.cloudfront.net Software / Resource Hash af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT via 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 content-length 597 x-amz-cf-id gegDnh-lkKDpSKg7cVSxq9XitGU7XuTrMmfQB3UL7PlP7pvNvd8Nzw== x-cache Miss from cloudfront content-type image/jpeg; charset=UTF-8
GET H2	200	/ Show response ads.projectagoraservices.com/ Frame 87AE	14 KB 4 KB	105ms 70ms	Script application/javascript	2a02:26f0:6c00::210:ba2a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b8254e1f77a5850e147ce538643c8460a950a677ba2e2973f6562a22cd022050 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:36 GMT content-encoding gzip vary Accept-Encoding content-type application/javascript cache-control private, no-cache, no-store, must-revalidate content-length 3694 expires Wed, 14 Jul 2021 20:36:36 GMT
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame DC2D	302 KB 88 KB	24ms 24ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=6395d78a5896547b07e53a1126b560013&cb=4233721626294996571 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QhB%2ByOzj9gGec98srlhbwAGnR3M7hNo1NH%2Fven%2BX%2FbPuBDvD%2FAbg2oMT2VFpOOXbHxkelz8ts3JhIzCsX7xANpMCMMCmNaok%2Bqu1B7ueSaFnlxpxsTbpGIRBij%2Bc6wTDEFDEWo6H"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5158db2bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 6D96	302 KB 88 KB	37ms 30ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=8419aa6ca0e8c1ada0519243360c8c451&cb=6729161626294996564 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fqAWyQHYyITCin0pzk52IZoFOGqBG9gs4Duyv8dBtfDsT5U2AUmN8JM1iajEzV996Lv%2BrrxjlwHgONuY0cOw9N52x8xlzzD44DRvmivzmvELM%2F9539Bfc%2FSvTQv%2BdTzHQt42wG8i"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b51791b2bdd-FRA
GET H2	200	async.js Show response cdn.adtrue.com/rtb/ Frame D617	7 KB 3 KB	46ms 14ms	Script application/x-javascript	2606:4700:10::ac43:607 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/async.js Requested by Host: adpatrof.com URL: https://adpatrof.com/syncro?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a3&cb=1332551626294996562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 16 Nov 2020 01:20:45 GMT server cloudflare age 9848110 etag W/"5fb1d3ed-1c9f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31104000 cf-ray 66ed8b51acdb4e1a-FRA expires Thu, 17 Mar 2022 21:01:26 GMT
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 2545	302 KB 88 KB	30ms 28ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/sync?i=luc8kp3c2wcmn47n3xzj&a=aa1af7ce534252d7664743004bee3ec33&cb=8800571626294996569 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9%2Bua2FY0nHFyZGaVQLMRsgOTmHAhM7sB66DPAKi%2BVRECg%2FPE9%2FYWvjOxCMJO4acnD%2FWVpTnM7vyZcN9uP5lUt59aQHKubt8uDtRbh6XGrLzJEVlel6xBuZmsgl5oOLdfHwNxt3F7"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5189452bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame C0FB	302 KB 88 KB	29ms 28ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/send?i=luc8kp3c2wcmn47n3xzj&a=49b153cef8ead8890d0c6e1e11c9cc871&cb=7504931626294996570 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5V0mVHWY5OhTcNKvMp%2FSlDGfcdxqncONgp1ugHSlcIrvBBlDMRu2cOttVtBpe3yVEffo7qzUUqmo7qyrVjAB0YgLJ6EJTX32uVpTNc0A%2FlYPvXSBcX5P4w3UdIrECxfldDPPc3SH"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b51894f2bdd-FRA
GET H2	200	prebid_v4_21.js Show response hb.adpone.com/ Frame 271D	302 KB 88 KB	27ms 27ms	Script application/javascript	2606:4700:20::681a:a19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hb.adpone.com/prebid_v4_21.js Requested by Host: adpatrof.com URL: https://adpatrof.com/stat?i=luc8kp3c2wcmn47n3xzj&a=e3f04e69b934b789e64d7c2ee082f8483&cb=1024201626294996573 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1402 x-amz-request-id 8X8Z2AAXWD3RZ6XD x-amz-id-2 bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw= last-modified Mon, 08 Feb 2021 16:04:15 GMT server cloudflare etag W/"7c64ec269c372f63980a99b0d62ff80e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OkemeXIp2PEBIjwotXx5%2BfWJMLs%2Bx61bL9C234cq3fgQJvYYQLLJpWzLLvEFtPOHFODe%2Fz6n9W6QBwjPqIQFHyZq2wqbX24ybBetRWokYP7erQHOwXTV%2FJWWxZEG6Kk6eus%2BMaSm"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 x-amz-version-id 4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX cf-ray 66ed8b5189532bdd-FRA
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	21ms 21ms	Fetch text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true Requested by Host: cdn.unblockia.com URL: https://cdn.unblockia.com/h.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Wed, 14 Jul 2021 20:36:36 GMT content-encoding gzip x-content-type-options nosniff server cafe etag 17065370731229648185 vary Accept-Encoding, Origin p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private, max-age=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Wed, 14 Jul 2021 20:36:36 GMT
GET H2	200	prebid.3-25.js Show response projectagora.net/libs/prebidv3/ Frame 87AE	360 KB 103 KB	54ms 28ms	Script application/javascript	2606:4700:3032::ac43:9028 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagora.net/libs/prebidv3/prebid.3-25.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03736b108efeca49e24b0f35ff8b9ac3fb4468b6c64de144b1b441cba12f46e2 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:36 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1401 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-amz-request-id 7STB6VJT6WDA3MWJ x-amz-id-2 /ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0= last-modified Wed, 05 May 2021 10:36:16 GMT server cloudflare etag W/"fa7fdd65f39d0e16a18830e016d93050" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Oe3Wh0Wv%2F4Nstm2pWzg1dJy9ZTa9YP1VXlxv5TXOlLFoXUxSLGnH0qAeIOGudtjF1JHQwjI5y7JcPs39A7qeFD5PHS6wE7o%2BJMIodN6S%2BlqssM0gm5GjvEb5UVwvbyxRg722JhppThlgpg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 66ed8b52986d062d-FRA
GET H2	200	impress Show response exchange.adtrue.com/delivery/ Frame 1677	3 KB 3 KB	547ms 177ms	Script application/javascript	52.34.145.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=3832237961&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/ Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1a38e98e4bc21cbd747256e06f501a1049d69c481d5a1f852b49111e0801ec37 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT server nginx x-adtrue-instance java1 content-length 3329 content-type application/javascript
GET H2	200	/ cm.steepto.com/setmuidn/ Frame 6C52	0 173 B	187ms 144ms	Image image/gif	104.19.136.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.steepto.com/setmuidn/?muidf=l6eAE0rxoFAd Requested by Host: adsbb.dfiles.eu URL: https://adsbb.dfiles.eu/upload/2005/ad27352941d759d0.htm?canp=adv_73b411c406ca38ecadcf742fe6ade752 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 66ed8b530b2d047a-CDG content-length 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif
GET H2	200	arj Show response projectagora-d.openx.net/w/1.0/ Frame 87AE	172 B 556 B	79ms 32ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://projectagora-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fdfiles.eu%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=undefined&be=1&bc=hb_pb_3.0.2&dddid=c3d2c12a-2edd-4990-b764-9485b6a073d6&nocache=1626294996961&gdpr=0&x_gdpr_f=1&schain=1.0%2C0!projectagora.com%2C100489%2C1%2C%2C%2C&aus=728x90&divIds=19604584_dfiles.eu_ros_728x90&auid=541155472 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.210.0 / Resource Hash 80a1d2683c73886f8107e336027e32dc20f0caa031c85c26cc9353198d46a5ec Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:37 GMT content-encoding gzip server OXGW/16.210.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://adpatrof.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 163 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/ Frame 87AE	0 320 B	102ms 34ms	XHR application/json	185.86.138.121 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:36 GMT p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://adpatrof.com cache-control no-cache,no-store access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 87AE	19 B 694 B	131ms 73ms	XHR application/json	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:37 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 13976ac0-0f86-4b2b-af99-887f6b1f0856 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adpatrof.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame 87AE	0 113 B	121ms 54ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: projectagora.net URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://adpatrof.com date Wed, 14 Jul 2021 20:36:37 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
GET H2	200	pa_backupads_lib.js Show response projectagoralibs.com/libs/ Frame D93A	4 KB 2 KB	48ms 22ms	Script application/javascript	2606:4700:3032::6815:356b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://projectagoralibs.com/libs/pa_backupads_lib.js Requested by Host: ads.projectagoraservices.com URL: https://ads.projectagoraservices.com/?id=10823&uref=https%3A%2F%2Fdfiles.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32da83762f5b3767f23a6760d121590fc7eb9f3ec8027ea7dd00d21d2f1fe7b0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT content-encoding gzip cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1411 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-amz-request-id E85D4AR405YRYNHW x-amz-id-2 XHxZwyqhQPYPTHQYS8FhgHhRbcasTknsFRBhZEodwoErOtzaHM4gOTnJ4hh9Chv+q6QyX2gt6ns= last-modified Tue, 27 Oct 2020 14:01:47 GMT server cloudflare etag W/"388809d00c3186d72408292dde1dfc83" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AbDkuYxBejk2ltvVJGhXlNIHS7yjSnuHGvbNwA46iFZ7WePSGR9gHDzQFIZ%2BeSzgawy9yf3ngMs3ZUrSD6a%2BQOQ2L%2B2QHwZe43%2F87i%2B0oEdXc2ETBEtlM277EBK7p6xUOknEl%2FP5pBipPJeirZ0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 66ed8b54087905f5-FRA
GET H/1.1	204 No Content	/ projectagora-483829-hdb.adomik.com/ Frame 87AE	0 103 B	206ms 47ms	Image text/plain	34.240.196.205 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiMzhhYmU4MGQtYzc0Yi00OGQ4LWFmYjAtNjZjMGU1MzdlMDFkIiwiaG9zdG5hbWUiOiJhZHBhdHJvZi5jb20iLCJldmVudHNCeVBsYWNlbWVudENvZGUiOlt7InNpemVzIjpbXSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbeyJiaWRkZXIiOiJPUEVOWCJ9LHsiYmlkZGVyIjoiT1BFTlgifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9XSwicmVzcG9uc2VzIjpbXSwid2lubmVycyI6W119fV19&id=38abe80d-c74b-48d8-afb0-66c0e537e01d&part=0&on=0 Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.240.196.205 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Date Wed, 14 Jul 2021 20:36:37 GMT Server nginx
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/ Frame D93A	73 KB 20 KB	86ms 28ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 95d737e3524deae8daee1c99b7522a800c7d35eafffbca91e2d220da7f304c30 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id VMF7YeODyRjpuM6txqBAG5862bLBYMk3 content-encoding gzip etag "74afdad6b0b8a0d9ddb74a2d7e9de645" age 176 x-cache HIT content-length 19643 x-amz-id-2 gwyrv32WVj228P3QakD9/mdoQMMJsoxVqVTOEd9nD3dOyhS44WWS883P6t7Zyyo0iRE8ettZxRw= x-served-by cache-fra19163-FRA last-modified Wed, 14 Jul 2021 10:11:00 GMT server AmazonS3 x-timer S1626294997.218575,VS0,VE1 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id KV5H99Z59KRKWA4R via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 50 x-cache-hits 1
GET H2	200	impl.20210714-8-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame D93A	530 KB 118 KB	29ms 28ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash 5559e0bc6f82e615d9a4a6c8748180334eb8efa2171a6e8d7d00d027117e491f Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 6Bo7EsH3yVc0J8Bprhc1ZQ5h3._l4HpJ content-encoding br etag "ffe57679a275479151e02bce56a16b0c" age 9822 x-cache HIT content-length 120412 x-amz-id-2 Ehp1Sg5oAIfBslQg1ZygJg64IBDkm6L1DGR6TRnhFRw3JtVBlPiW+HSx/dYxHqUv2J73JsG/szM= x-served-by cache-fra19163-FRA last-modified Wed, 14 Jul 2021 09:52:28 GMT server AmazonS3-br x-timer S1626294997.273410,VS0,VE0 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id EFNV9XG9MFAMR748 via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript abp 25 x-cache-hits 44304
GET H2	200	prebid.js Show response cdn.adtrue.com/pb/ Frame 1677	257 KB 82 KB	21ms 21ms	Script application/x-javascript	2606:4700:10::ac43:607 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/pb/prebid.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=3832237961&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 21 Aug 2020 05:31:13 GMT server cloudflare age 9848101 etag W/"5f3f5c21-405dd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31104000 cf-ray 66ed8b55eedc4e1a-FRA expires Thu, 17 Mar 2022 21:01:36 GMT
GET H2	200	ga.js Show response cdn-adtrue.com/track/ Frame 1677	751 B 989 B	48ms 20ms	Script application/x-javascript	2606:4700:3038::6815:ead7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-adtrue.com/track/ga.js Requested by Host: exchange.adtrue.com URL: https://exchange.adtrue.com/delivery/impress?pzoneid=19139&ref=https%3A%2F%2Fdfiles.eu%2F&cb=3832237961&timeZone=2&adWidth=728&adHeight=90&loc=https://dfiles.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 9045806 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Thu, 01 Apr 2021 03:35:26 GMT server cloudflare etag W/"60653f7e-2ef" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYrHRRTeqLIuEfMMMOPjXV9nfCX0KLycdggrBWX%2FYd6DcoPDQa23pbhJbHId7%2FXLUnwXTD00Q%2BKzpBxcmH8PWpQHKzoGvIEeGuOjvS9BUs%2FhqELoz85V5qBVObTPV0j07nOKDApQ415Ip7r4Aw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=31104000 cf-ray 66ed8b561a3c2488-FRA expires Sun, 27 Mar 2022 03:53:11 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 1677	19 B 694 B	51ms 50ms	XHR application/json	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:37 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid c52360e3-2ff2-46b5-b02f-20b0d13bca1e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://adpatrof.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	passback.js Show response cdn.adtrue.com/rtb/ Frame 4E38	753 B 552 B	15ms 15ms	Script application/x-javascript	2606:4700:10::ac43:607 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adtrue.com/rtb/passback.js Requested by Host: dfiles.eu URL: https://dfiles.eu/files/xsvb507vm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:607 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 28 Oct 2020 03:26:52 GMT server cloudflare age 9847779 etag W/"5f98e4fc-2f1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=31104000 cf-ray 66ed8b5699224e1a-FRA expires Thu, 17 Mar 2022 21:06:57 GMT
GET H2	200	passback Show response exchange.adtrue.com/tag/ Frame 4E38	251 B 442 B	177ms 177ms	Script application/javascript	52.34.145.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=19139&divid=2009664857&ref=undefined Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/rtb/passback.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 81c6252fcdefa91de8fe4774beb814434f984e06563ffe512fc9ee24b75c4afc Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT server nginx content-length 251 content-type application/javascript
GET H3-29	200	world-health-day.gif cdn-adtrue.com/statics/images/psa/ Frame 4E38	26 KB 27 KB	43ms 32ms	Image image/gif	2606:4700:3038::6815:ead7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adtrue.com/statics/images/psa/world-health-day.gif Requested by Host: adpatrof.com URL: https://adpatrof.com/syncro?i=luc8kp3c2wcmn47n3xzj&a=9504a780d2baa291f1a508d5a482466a3&cb=1332551626294996562 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53bfa8917121f9afec4c3c0a3ff270c81a8d90116c720adc7dcbfc9c7fc497ae Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:37 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 8353982 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 26616 last-modified Thu, 25 Jun 2020 02:50:22 GMT server cloudflare etag "5ef410ee-67f8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G93aKS173Aumlg1RwpWV%2Flxl3V8Mw1oj5%2BgHY9u%2FuX%2Fu8SMAm5Ou%2F0Mtx68wl2vAmWPmcyMiCBi64PI3L0UohYQKMXFIuDlX%2BrGscmjO9Bi3VvNVjHNeMj5kJYzw1A21SC5weAxVRbA%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=31104000 accept-ranges bytes cf-ray 66ed8b57e8bc05f9-FRA expires Mon, 04 Apr 2022 04:03:35 GMT
GET H3-29	200	c c.adskeeper.co.uk/ Frame 6C52	43 B 470 B	112ms 85ms	Image image/gif	104.19.132.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.adskeeper.co.uk/c?f=1&pv=3&v=240|240|12|L2vBHFfMU2KNiqLT8YHrVf1jrocPal-JKOnpbhzqlbWLz4ebaibjimnq4c5otR-P&fw=1&extjs=66044&v=240|240|12|L2vBHFfMU2KNiqLT8YHrVYuFJSbECavt7KJothq1mgqwKd30XWlSgMSl1RQdirXb&v=240|240|12|L2vBHFfMU2KNiqLT8YHrVUgvkr7KUFjmTgE9tKV5B26RNjOtxCU0A_GwdpdexWRn&cid=828725&h2=osGc9IG8QbaWdv591HpRpckl6xss-HxUrE_Mk3Bewx0*&rid=2f328af9-e4e3-11eb-8c9e-2cea7f875b01&tt=Direct&iv=11&pageImp=1&pvid=17aa6bc4dddb5af6464&cbuster=1626294997795930157567&tpl=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://adsbb.dfiles.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:37 GMT cf-cache-status DYNAMIC x-mg-request-uuid d3aec3a5-2d64-4f86-aafb-01e85a8480ee expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 66ed8b586a0ccd97-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 server cloudflare
GET H2	200	json Show response trc.taboola.com/dfiles728x90gr-r19604584/trc/3/ Frame D93A	10 KB 4 KB	107ms 106ms	XHR application/javascript	2a04:4e42:62::300 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/dfiles728x90gr-r19604584/trc/3/json?tim=22%3A36%3A37.859&lti=deflated&data=%7B%22id%22%3A182%2C%22ii%22%3A%22%2Fusersync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1626257452792%2C%22vi%22%3A1626294997857%2C%22cv%22%3A%2220210714-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fadpatrof.com%2Fusersync%3Fi%3Dluc8kp3c2wcmn47n3xzj%26a%3D715abbf33c9d0e6ddb68a766cd2d39435%26cb%3D3524011626294996567%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22qs%22%3A%22%3Fi%3Dluc8kp3c2wcmn47n3xzj%26a%3D715abbf33c9d0e6ddb68a766cd2d39435%26cb%3D3524011626294996567%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2219604584%22%2C%22orig_uip%22%3A%2219604584%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c8125100ff009fcaeab1e6e8e6887a9e27460d729a196c1ad257672fde4a98c9 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers x-vcl-time-ms 100 date Wed, 14 Jul 2021 20:36:37 GMT content-encoding gzip server nginx x-timer S1626294998.862576,VS0,VE100 x-served-by cache-hhn11541-HHN vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://adpatrof.com access-control-allow-credentials true accept-ranges bytes content-type application/javascript; charset=utf-8 via 1.1 varnish x-cache-hits 0
GET H2	200	cta-branding.js Show response cdn.taboola.com/demand-formats/cta-branding/ Frame D93A	19 KB 6 KB	34ms 34ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O content-encoding gzip etag "7a6ef5412d45e94af6813e18c060355d" age 23627 x-cache HIT x-amz-replication-status PENDING content-length 5990 x-amz-id-2 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY= x-served-by cache-fra19163-FRA last-modified Tue, 06 Jul 2021 14:02:32 GMT server AmazonS3 x-timer S1626294998.983554,VS0,VE0 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id KQE2YD0951MP799B via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript abp 25 x-cache-hits 189642
GET H2	200	cta-branding.css cdn.taboola.com/demand-formats/cta-branding/ Frame D93A	2 KB 1 KB	35ms 34ms	Stylesheet text/css	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j content-encoding gzip etag "10c372ee2c83a7fd12df18aebc5320c6" age 15690 x-cache HIT x-amz-replication-status COMPLETED content-length 719 x-amz-id-2 A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w= x-served-by cache-fra19163-FRA last-modified Tue, 06 Apr 2021 14:48:01 GMT server AmazonS3 x-timer S1626294998.983627,VS0,VE0 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id H26RXF80K5Y33KYT via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type text/css abp 25 x-cache-hits 86485
GET H2	200	tfa-eid.20210714-8-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame D93A	14 KB 5 KB	33ms 33ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/tfa-eid.20210714-8-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c24172fd83f97bdcb04bef88f70959847372d1617e82ea83cea56d5e318d29df Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id mbqMpZiH6EdqdCAOawN0LGhQta5wnQJl content-encoding gzip etag "51460b147c4c20b72e93acc969c35228" age 58 x-cache HIT x-amz-replication-status PENDING content-length 5063 x-amz-id-2 7F/5hvx1azaCUgtuxEW3KfqkatxcpM6dt7LMYLtACRKjxd4G9VBxYcDHrED+NZTcQTuPubOT1uA= x-served-by cache-fra19163-FRA last-modified Wed, 14 Jul 2021 10:03:22 GMT server AmazonS3 x-timer S1626294998.985283,VS0,VE0 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id DR27YN2VWP93CYM8 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 25 x-cache-hits 246
GET H2	200	sha256.20210714-8-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame D93A	6 KB 3 KB	34ms 33ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/sha256.20210714-8-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 4dde8fd3990f5ee9f283bda8a5077928962a23dfb6864f489f00362a37efce60 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 83KkjxgCbKXpwPDXglxhI.MLHyTgJZx7 content-encoding gzip etag "c4e59fd50253260e352ecf40ce42da79" age 49 x-cache HIT x-amz-replication-status PENDING content-length 2590 x-amz-id-2 5J2+cT1IfOhkZJ99HQN1AEEmyn4cdhVM8wB3W3/tmWEYQ6O4eGPQdwqrIoCju2Jq+3rNOYnlhI4= x-served-by cache-fra19163-FRA last-modified Wed, 14 Jul 2021 10:03:35 GMT server AmazonS3 x-timer S1626294998.985346,VS0,VE0 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id AGVVC5DZ1FMZP8HT via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 25 x-cache-hits 200
GET H2	200	userx.20210714-8-RELEASE.es6.js Show response cdn.taboola.com/libtrc/ Frame D93A	23 KB 8 KB	28ms 28ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/userx.20210714-8-RELEASE.es6.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/dfiles728x90gr-r19604584/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 98264d6df6bab6c258416c1b6c1205e0858f90375bd1df880534216bacedf1f6 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id RqIVaDejTqzOoLIFeVctE2BzlxymHQrB content-encoding gzip etag "72754e294cbf10a0389ae760d5c2747d" age 63 x-cache HIT x-amz-replication-status PENDING content-length 7954 x-amz-id-2 i6dow6XBPZvuPC/mtXAM2iUfYkcpAChIVH6hh4oYmfqpYgxJLi1Q5+n46Hitpb/yf6mt4EUEtqDHgzhoTbpOWg== x-served-by cache-fra19163-FRA last-modified Wed, 14 Jul 2021 10:03:17 GMT server AmazonS3 x-timer S1626294998.999005,VS0,VE0 date Wed, 14 Jul 2021 20:36:37 GMT vary Accept-Encoding x-amz-request-id TER46GJCZE24N7BF via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 25 x-cache-hits 35
GET H2	200	fa994c0cfd1794dff5e0e03814adb5a8.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D93A	2 KB 3 KB	31ms 28ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa994c0cfd1794dff5e0e03814adb5a8.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 59e600ef4a0d1713e80ebdb5c6cc0eab8034d0bd41b7b877488e7c4fd3c28818 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 14 Jul 2021 20:36:38 GMT via 1.1 varnish, 1.1 varnish age 2977499 edge-cache-tag 493534354062144842559118297370977842116,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 x-ratelimit-remaining 100 x-envoy-upstream-service-time 15 expiration expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa994c0cfd1794dff5e0e03814adb5a8.png content-length 2012 x-backend-name US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102 last-modified Thu, 20 May 2021 09:19:37 GMT server nginx x-timer S1626294998.021937,VS0,VE0 etag "73722dd3ee913e8845c17cecf0d93cb5" x-served-by cache-wdc5547-WDC, cache-dca17757-DCA, cache-fra19163-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 2
GET H2	200	a58c673d545e0b6642e244477e4216be.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D93A	4 KB 5 KB	31ms 29ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a58c673d545e0b6642e244477e4216be.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 77e87482a0ae5250d42f38fab6e4b760fa03b889f89a05df8c8552b710801852 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Wed, 14 Jul 2021 20:36:38 GMT via 1.1 varnish, 1.1 varnish age 3075480 edge-cache-tag 512604651956073928652368717513344611718,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 x-ratelimit-remaining 100 x-envoy-upstream-service-time 30 expiration expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a58c673d545e0b6642e244477e4216be.jpg content-length 4048 x-backend-name CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801 last-modified Mon, 31 May 2021 14:07:19 GMT server nginx x-timer S1626294998.021984,VS0,VE1 etag "f57751abedc172912a9f8dcdc66c42dd" x-served-by cache-wdc5562-WDC, cache-dca17776-DCA, cache-fra19163-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 1
GET H2	200	1211237226__F23rpjWk.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame D93A	3 KB 4 KB	31ms 29ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211237226__F23rpjWk.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash de371e78bf8a9422c05b665f8b8109490c1ee316c0bb133e5ae6420117b9c3c6 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Wed, 14 Jul 2021 20:36:38 GMT via 1.1 varnish, 1.1 varnish age 3364773 edge-cache-tag 560333759055207090685620605423318594666,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-ratelimit-remaining 100 x-envoy-upstream-service-time 14 x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211237226__F23rpjWk.jpg content-length 3502 x-request-id 3a9b4cb9d3228440b0e98bfe93d6ba53 x-backend-name US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103 last-modified Thu, 20 May 2021 19:48:09 GMT server nginx x-timer S1626294998.021870,VS0,VE1 etag "b6613a43a319238f8671f7f1a187a1cf" x-served-by cache-wdc5572-WDC, cache-dca17756-DCA, cache-fra19163-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 1
GET H2	200	fa994c0cfd1794dff5e0e03814adb5a8.png images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D93A	2 KB 2 KB	32ms 30ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa994c0cfd1794dff5e0e03814adb5a8.png Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 59e600ef4a0d1713e80ebdb5c6cc0eab8034d0bd41b7b877488e7c4fd3c28818 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 14 Jul 2021 20:36:38 GMT via 1.1 varnish, 1.1 varnish age 2977499 edge-cache-tag 493534354062144842559118297370977842116,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 x-ratelimit-remaining 100 x-envoy-upstream-service-time 15 expiration expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa994c0cfd1794dff5e0e03814adb5a8.png content-length 2012 x-backend-name US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102 last-modified Thu, 20 May 2021 09:19:37 GMT server nginx x-timer S1626294998.078031,VS0,VE0 etag "73722dd3ee913e8845c17cecf0d93cb5" x-served-by cache-wdc5547-WDC, cache-dca17757-DCA, cache-fra19163-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 3
GET H2	200	a58c673d545e0b6642e244477e4216be.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D93A	4 KB 5 KB	35ms 31ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a58c673d545e0b6642e244477e4216be.jpg Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 77e87482a0ae5250d42f38fab6e4b760fa03b889f89a05df8c8552b710801852 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 14 Jul 2021 20:36:38 GMT via 1.1 varnish, 1.1 varnish age 3075480 edge-cache-tag 512604651956073928652368717513344611718,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 x-ratelimit-remaining 100 x-envoy-upstream-service-time 30 expiration expiry-date="Thu, 01 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a58c673d545e0b6642e244477e4216be.jpg content-length 4048 x-backend-name CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801 last-modified Mon, 31 May 2021 14:07:19 GMT server nginx x-timer S1626294998.081341,VS0,VE0 etag "f57751abedc172912a9f8dcdc66c42dd" x-served-by cache-wdc5562-WDC, cache-dca17776-DCA, cache-fra19163-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 2
GET H2	200	1211237226__F23rpjWk.jpg images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame D93A	3 KB 4 KB	35ms 31ms	Image image/webp	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211237226__F23rpjWk.jpg Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash de371e78bf8a9422c05b665f8b8109490c1ee316c0bb133e5ae6420117b9c3c6 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 0 date Wed, 14 Jul 2021 20:36:38 GMT via 1.1 varnish, 1.1 varnish age 3364773 edge-cache-tag 560333759055207090685620605423318594666,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-ratelimit-remaining 100 x-envoy-upstream-service-time 14 x-cache HIT, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1211237226__F23rpjWk.jpg content-length 3502 x-request-id 3a9b4cb9d3228440b0e98bfe93d6ba53 x-backend-name US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103 last-modified Thu, 20 May 2021 19:48:09 GMT server nginx x-timer S1626294998.081717,VS0,VE0 etag "b6613a43a319238f8671f7f1a187a1cf" x-served-by cache-wdc5572-WDC, cache-dca17756-DCA, cache-fra19163-FRA vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 1, 1, 2
POST H2	204	bulk Show response trc.taboola.com/dfiles728x90gr-r19604584/log/3/ Frame D93A	0 84 B	19ms 18ms	XHR image/gif	2a04:4e42:62::300 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/dfiles728x90gr-r19604584/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1 Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-vcl-time-ms 11 pragma no-cache date Wed, 14 Jul 2021 20:36:39 GMT via 1.1 varnish server nginx x-timer S1626294999.005627,VS0,VE11 x-served-by cache-hhn11541-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://adpatrof.com cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
POST H2	204	visible Show response trc.taboola.com/dfiles728x90gr-r19604584/log/3/ Frame D93A	0 57 B	17ms 17ms	XHR image/gif	2a04:4e42:62::300 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/dfiles728x90gr-r19604584/log/3/visible?route=AM%3AAM%3AV&lti=deflated Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-vcl-time-ms 11 pragma no-cache date Wed, 14 Jul 2021 20:36:39 GMT via 1.1 varnish server nginx x-timer S1626294999.007494,VS0,VE11 x-served-by cache-hhn11541-HHN x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin https://adpatrof.com cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	200	f539211219b796ffbb49949997c764f0.png cdn.taboola.com/libtrc/static/thumbnails/ Frame D93A	254 B 754 B	30ms 29ms	Image image/png	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png Requested by Host: adpatrof.com URL: https://adpatrof.com/usersync?i=luc8kp3c2wcmn47n3xzj&a=715abbf33c9d0e6ddb68a766cd2d39435&cb=3524011626294996567 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC via 1.1 varnish etag "dfa7b52c86e56bd67fa4002f6ed19854" age 17955 x-cache HIT x-amz-replication-status COMPLETED content-length 254 x-amz-id-2 mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30= x-served-by cache-fra19163-FRA last-modified Wed, 24 Jun 2015 07:14:11 GMT server AmazonS3 x-amz-meta-s3cmd-attrs uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567 x-timer S1626294999.037354,VS0,VE0 date Wed, 14 Jul 2021 20:36:39 GMT x-amz-request-id 6P8Y14FA9N2SAAH6 cache-control private,max-age=31536000 accept-ranges bytes content-type image/png abp 25 x-cache-hits 10993
GET H/1.1	204 No Content	sync.php pixel.rubiconproject.com/exchange/ Frame 994A	0 239 B	129ms 31ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=16698 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Content-Type image/gif
GET H2	204	/ sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 994A Redirect Chain https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ZWbRjZXwF7k&ev=1&orig=trc&pid=562107	0 247 B	32ms 32ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ZWbRjZXwF7k&ev=1&orig=trc&pid=562107 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.41.22.181:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 12669 Redirect headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" content-language en-US location https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=9ZWbRjZXwF7k&ev=1&orig=trc&pid=562107 cache-control private, max-age=0, no-cache, no-store cw-server bh-deployment-589cbd599f-9qfwx expires -1
GET H/1.1	200 OK	getuidnb ib.adnxs.com/ Frame 994A	43 B 677 B	32ms 31ms	Image image/gif	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:39 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 1b4389a1-5818-43a0-980a-372d2c7afa9e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ trc.taboola.com/sg/google-network/1/rtb-h/ Frame 994A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENWTc2jUPXidFwosbmHGJ58&google_cver=1	0 201 B	14ms 14ms	Image text/plain	2a04:4e42:62::300 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENWTc2jUPXidFwosbmHGJ58&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 date Wed, 14 Jul 2021 20:36:40 GMT via 1.1 varnish server nginx x-timer S1626295000.163145,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11541-HHN Redirect headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESENWTc2jUPXidFwosbmHGJ58&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 994A	42 B 545 B	82ms 27ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055:$UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:40 GMT cache-control no-store, no-cache, private x-lat lhrpug010:0:278 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 994A Redirect Chain https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058 https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&google_tc=	170 B 188 B	40ms 39ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&google_tc= Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 376 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 994A Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1ec5f14b-fbe8-4c3f-92b4-fa76ae3b082f	0 60 B	14ms 14ms	Image text/plain	2a04:4e42:62::300 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1ec5f14b-fbe8-4c3f-92b4-fa76ae3b082f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 date Wed, 14 Jul 2021 20:36:40 GMT via 1.1 varnish server nginx x-timer S1626295000.180978,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11541-HHN Redirect headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1ec5f14b-fbe8-4c3f-92b4-fa76ae3b082f cache-control private,no-cache, must-revalidate content-type text/html content-length 239
GET H/1.1	204 No Content	merge ce.lijit.com/ Frame 994A Redirect Chain https://ce.lijit.com/merge?pid=42&3pid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&us_privacy=&gdpr=0&gdpr_consent= https://ce.lijit.com/merge?pid=42&3pid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&us_privacy=&gdpr=0&gdpr_consent=&dnr=1	0 433 B	43ms 43ms	Image text/plain	216.52.2.30 AS-INAPCDN-OCY
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=42&3pid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&us_privacy=&gdpr=0&gdpr_consent=&dnr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US), Reverse DNS Software nginx / raptor Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:40 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap6ams1 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:40 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Location https://ce.lijit.com/merge?pid=42&3pid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&us_privacy=&gdpr=0&gdpr_consent=&dnr=1 Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap6ams1 Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT
GET H2	200	rtset bh.contextweb.com/bh/ Frame 994A	49 B 406 B	304ms 105ms	Image image/gif	198.148.27.140 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-US p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-589cbd599f-8b56n expires -1
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 994A	43 B 697 B	99ms 31ms	Image image/gif	185.86.139.115 SMARTADSERVER
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:39 GMT cache-control no-cache,no-store content-type image/gif transfer-encoding chunked p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	204	put e1.emxdgt.com/ Frame 994A	0 59 B	143ms 28ms	Image text/html	18.195.155.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://e1.emxdgt.com/put?d=d41&uid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:39 GMT content-length 0 content-type text/html
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 994A Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d5ebf754-3291-4803-b86a-6acf7a1083a7	0 256 B	34ms 32ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d5ebf754-3291-4803-b86a-6acf7a1083a7 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.41.10.104:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 12669 Redirect headers pragma no-cache x-errorlevel 0 server Microsoft-IIS/10.0 date Wed, 14 Jul 2021 20:36:39 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d5ebf754-3291-4803-b86a-6acf7a1083a7 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1862 content-type text/html; charset=utf-8 content-length 222 expires Wed, 14 Jul 2021 00:00:00 GMT
GET		gdpr_consent= sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/ Frame 994A Redirect Chain https://id5-sync.com/s/464/9.gif?puid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D... https://id5-sync.com/c/464/464/7/1.gif?puid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F6%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd... https://id5-sync.com/c/464/108/6/2.gif?puid=037e6341-909c-48a4-8934-e44f3d48d1c9&gdpr=1&gdpr_consent= https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMObOkOFTcTi3V5Sj_PFBD2pgpbVJJGtOvsItCvqQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fpuid%3D... https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMObOkOFTcTi3V5Sj_PFBD2pgpbVJJGtOvsItCvqQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F5%2F3.gif%3Fp... https://id5-sync.com/cq/464/124/5/3.gif?puid=7ad4b61b-4d47-4a10-bbe7-9c213b60aa6f&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= https://id5-sync.com/c/464/441/4/4.gif?puid=e_21b20e9a-fe96-4273-8edf-98a09e4ec2af&gdpr=1&gdpr_consent= https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F3%2F5.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 https://id5-sync.com/c/464/9/3/5.gif?puid=GwfWTBwIMfL_i9wFLtGOFHfut8Yvvw-g5anXg0CHWBk&gdpr=1&gdpr_consent= https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi... https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103... https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEHRPWIDYmXUnW-qpczYJnOE&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0Rv... https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4583384604084776194&opid=apx&ops=&utidl=tech:goo:CAESEHRPWIDYmXUnW-qpczYJnOE&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0a... https://id5-sync.com/qp/18.gif?puid=vec%3A18973895730&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NiZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=	0 0
GET H2	204	rtb-h sync.taboola.com/sg/appierrtb-network/1/ Frame 994A Redirect Chain https://s.c.appier.net/taboola https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p51MG1CuCvKP9nhq2ErvYA	0 246 B	32ms 32ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p51MG1CuCvKP9nhq2ErvYA Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.40.0.195:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 17870 Redirect headers location https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=p51MG1CuCvKP9nhq2ErvYA date Wed, 14 Jul 2021 20:36:40 GMT cache-control no-store server nginx content-type text/html; charset=utf-8 content-length 110 p3p CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame 994A	35 B 380 B	404ms 102ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-ServerName Track003-dc3 Pragma no-cache Date Wed, 14 Jul 2021 20:36:24 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H2	200	rtb-h sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 994A Redirect Chain https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=30959869-9efa-4d7f-8675-a1707bd86fc4&ssp=taboola https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ccb6e9cd-d7ea-4811-b2d4-50d939bdd8ee	0 255 B	32ms 32ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ccb6e9cd-d7ea-4811-b2d4-50d939bdd8ee Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.41.22.84:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 12674 Redirect headers location //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=ccb6e9cd-d7ea-4811-b2d4-50d939bdd8ee date Wed, 14 Jul 2021 20:36:40 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	rtb-h match.taboola.com/sg/mediaforcebidder-network/1/ Frame 994A Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=taboola https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a467fc42-6d1f-4c29-9d39-8f72277cf2b5 https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a467fc42-6d1f-4c29-9d39-8f72277cf2b5&tbid=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&query=taboola_hm%3Da467fc42-6d1f-...	0 148 B	97ms 37ms	Image text/plain	199.232.137.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a467fc42-6d1f-4c29-9d39-8f72277cf2b5&tbid=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&query=taboola_hm%3Da467fc42-6d1f-4c29-9d39-8f72277cf2b5&isDirect=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:40 GMT via 1.1 varnish server nginx x-timer S1626295000.434389,VS0,VE9 x-cache MISS x-cache-hits 0 accept-ranges bytes content-length 0 x-served-by cache-hhn11545-HHN Redirect headers location https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a467fc42-6d1f-4c29-9d39-8f72277cf2b5&tbid=2d83a1b0-6659-4142-a3d0-7eee5f93f89b-tuct7e8d058&query=taboola_hm%3Da467fc42-6d1f-4c29-9d39-8f72277cf2b5&isDirect=0 tbl-x-upstream 10.41.22.84:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 12669
GET H2	200	sd u.openx.net/w/1.0/ Frame 994A	43 B 122 B	26ms 25ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://u.openx.net/w/1.0/sd?id=543998486&val=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.210.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT via 1.1 google server OXGW/16.210.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	rtb-h sync.taboola.com/sg/betweenxrtb-network/1/ Frame 994A Redirect Chain https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=660785ab-7940-52c3-896b-9a03e984d0db	0 256 B	32ms 32ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=660785ab-7940-52c3-896b-9a03e984d0db Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.41.14.127:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 12669 Redirect headers location https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=660785ab-7940-52c3-896b-9a03e984d0db cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	101956 jadserve.postrelease.com/suid/ Frame 994A	43 B 428 B	309ms 99ms	Image image/gif	52.207.161.225 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx/1.12.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	204	/ sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 994A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=set-RK7ORG2HMq-c35NheQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_... https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&ui=set-RK7ORG2HMq-c35NheQ	0 115 B	32ms 31ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&ui=set-RK7ORG2HMq-c35NheQ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers tbl-x-upstream 10.41.14.127:10213 date Wed, 14 Jul 2021 20:36:40 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 12667 Redirect headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&ui=set-RK7ORG2HMq-c35NheQ cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 340 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame 994A Redirect Chain https://eb2.3lift.com/xuid?mid=7772&xuid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&dongle=tbla https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=	37 B 352 B	40ms 40ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&dongle=tbla&gdpr=1&cmp_cs=&us_privacy= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:40 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=7772&xuid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&dongle=tbla&gdpr=1&cmp_cs=&us_privacy= date Wed, 14 Jul 2021 20:36:40 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	cds-pips.js Show response cdn.taboola.com/scripts/ Frame D93A	2 KB 1 KB	28ms 28ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/scripts/cds-pips.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id iYtYacMlAb7PnD4NbVgysKvLj2fov4iK content-encoding gzip etag "3aa74dbf5cd656dbb65deda2d238ddbd" age 277 x-cache HIT x-amz-replication-status COMPLETED content-length 911 x-amz-id-2 qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM= x-served-by cache-fra19163-FRA last-modified Wed, 14 Jul 2021 05:06:01 GMT server AmazonS3 x-timer S1626295000.991227,VS0,VE0 date Wed, 14 Jul 2021 20:36:39 GMT vary Accept-Encoding x-amz-request-id X0T5G34XC8D2QGE8 via 1.1 varnish cache-control private, max-age=3600 accept-ranges bytes content-type application/javascript abp 25 x-cache-hits 2048
GET H2	200	/ Show response pips.taboola.com/ Frame D93A	64 B 237 B	21ms 6ms	XHR text/plain	2a04:4e42:3::300 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pips.taboola.com/ Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/scripts/cds-pips.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash 163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:40 GMT via 1.1 varnish server Varnish x-served-by cache-fra19158-FRA access-control-allow-methods GET access-control-allow-origin https://adpatrof.com cache-control no-store x-cache HIT accept-ranges bytes content-length 64 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	/ Show response cds.taboola.com/ Frame D93A	0 155 B	303ms 100ms	XHR text/plain	141.226.224.32 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://cds.taboola.com/?uid=d458aed1-87f0-4424-aebc-e821979b25ba-tuct7e8d055&uad=2fdc9dff64e35c1da87224be72196d266a5a59834b754e4e186adb6e48c6938f Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/scripts/cds-pips.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 14 Jul 2021 20:36:40 GMT Cache-Control no-store Server nginx Connection close
GET H2	204	ImgSync image8.pubmatic.com/AdServer/ Frame 87AE Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUY1NjNGRjctNzlCMC00MTZELUIwN0UtRjNBREVFNEYyNjE5&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=	0 159 B	33ms 33ms	Image text/plain	185.64.189.216 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 20:36:40 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= date Wed, 14 Jul 2021 20:36:40 GMT cache-control no-store, no-cache, private x-lat lhrpug001:0:2947 server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 87AE Redirect Chain https://eu-u.openx.net/w/1.0/pd?plm=6&ph=aab12007-56b9-4b7e-b570-1ed0b579538e&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP9l_W1mBWZpgGqPy7wbPo&google_cver=1	43 B 106 B	29ms 27ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP9l_W1mBWZpgGqPy7wbPo&google_cver=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software OXGW/16.210.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://adpatrof.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT via 1.1 google server OXGW/16.210.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 14 Jul 2021 20:36:40 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBP9l_W1mBWZpgGqPy7wbPo&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 7269	52 KB 17 KB	89ms 28ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn.adtrue.com URL: https://cdn.adtrue.com/pb/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://adpatrof.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://adpatrof.com/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Tue, 13 Jul 2021 04:42:40 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Wed, 14 Jul 2021 20:36:40 GMT Age 57238 X-Served-By cache-lga21970-LGA, cache-fra19149-FRA X-Cache HIT, HIT X-Cache-Hits 1, 461261 X-Timer S1626295001.610682,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame 7269 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 803 B	41ms 41ms	Script text/html	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:40 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 6a59fd0c-7b64-4a5b-baba-75ef0c4b28ee Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:40 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 5c8fde25-779b-4c22-8753-4e565b47d6a5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 7269	0 731 B	39ms 39ms	Script text/html	185.33.221.11 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Jul 2021 20:36:41 GMT X-Proxy-Origin 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d565a57e-1068-4d6f-9596-f3c836d69880 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sync.crwdcntrl.net

URL

https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/1/7.gif?puid=${profile_id}&gdpr=1&gdpr_consent=